New Jersey Governor Chris Christie has signed a new law requiring health insurance companies to protect client health information by encrypting the data. The law applies to any insurance company, health service corporation, hospital service corporation, medical service corporation, or health maintenance organization authorized to issue health benefits plans in New Jersey. These entities must take […]
Cybersecurity
NIST releases “Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans.”
On December 12, 2014, the National Institute for Standards and Technology (“NIST”) announced the release of Special Publication 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans (“SP 800-53A”). SP 800-53A is a companion guideline to Special Publication 800-53, Security and Privacy Controls for Federal Information Systems and Organizations […]
Data Protection Commissioners Adopt Resolution on International Cooperation
On October 14, the International Data Protection and Privacy Commissioners’ (“IDPPC”) conference adopted a resolution calling for increased enforcement cooperation among international data protection authorities. Data protection authorities from around the world participated in the IDPCC conference, including representatives from Europe, Asia, the United States (including the Federal Trade Commission), and South America. In the […]
New California Law Expands Data Security Requirements, SSN Protections and Breach Notification Obligations
On September 30, 2014, the Governor of California signed Assembly Bill 1710, which made three small but important changes to the state’s privacy laws. The bill: (1) amended California’s breach notification law to require that the notifying entities offer identity theft protection services to affected individuals in certain cases; (2) required California businesses that “maintain” […]
Kim Peretti authors Bloomberg BNA article on Cyber Threat Intelligence and Information Sharing
Kim Peretti, co-chair of the firm’s Security Incident Management & Response Team, authored (with contributions from associate Lou Dennig) the Bloomberg BNA article, “Cyber Threat Intelligence: To Share or Not to Share—What Are the Real Concerns?” In the article, Peretti discusses the importance of exchanging cyberthreat information and the concerns relating to information sharing, as […]