Paula Stannard, one of the practice leaders of the firm’s HIPAA Privacy & Security Team authored, “Business Associates’ HIPAA Compliance: Should Covered Entities Be Concerned?” in Bloomberg BNA’s Health IT Law & Industry Report. The article discusses why HIPAA covered entities (or business associates) should be concerned about the ability of their business associates (or […]
Privacy & Cyber Regulatory Enforcement
Virginia Becomes First State To Mandate Advanced Credit Card Security for State Agencies
On May 5, Virginia Governor Terry McAuliffe signed Executive Directive 5 (2015), which requires the state’s technology and finance secretaries, treasurer and comptroller to update Virginia’s main purchasing card program to include advanced chip-and-pin technology by December. The Directive notes that many of Virginia’s political subdivisions and authorities have already converted purchase card programs to […]
Target, MasterCard Settlement Allowed to Proceed
The court in In re: Target Corporation Customer Data Security Breach Litigation (D. Minn. MDL No. 14-2522) today entered an order denying the plaintiffs’ motion to enjoin a settlement between MasterCard and Target stemming from the 2013 security breach of Target’s systems. The parties had agreed that Target would pay MasterCard $19 million for damages […]
DOJ Issues Data Breach Guidance
On Wednesday, April 29, 2015, the Department of Justice Computer Crime and Intellectual Property Section (CCIPS) Cybersecurity Unit issued new, detailed guidance on data breach incident response best practices. The document was announced at an invitation-only round table hosted by DOJ and provides guidance on what DOJ regards as “best practices for victims and potential […]
FTC Settles With Retail Tracking Firm Regarding Alleged Opt-out Misrepresentation
On April 23, 2015, the FTC and Nomi Technologies, Inc. (“Nomi”) settled the FTC’s misrepresentation charges related to Nomi’s “Listen” service, a multiple sensor technology that allows retailers to measure consumers’ in-store movements. Nomi’s sensors track consumers as they browse physical stores. According to the complaint, “Nomi places sensors in its clients’ retail locations that detect […]