In Federal Trade Commission v. Wyndham Worldwide Corp., et al., No. 13-cv-01887-ES-JAD (D.N.J. Apr. 7, 2014), Judge Esther Salas of the U.S. District Court for the District of New Jersey denied Wyndham’s request for dismissal of the FTC’s lawsuit against the hotel resort chain as a result of getting hacked.* Wyndham had challenged the FTC’s […]
Privacy & Cyber Regulatory Enforcement
Kim Peretti to Speak at Georgetown Law’s Cybersecurity Law Institute
Kim Peretti, co-chair of the firm’s Security Incident Management & Response Team, will be a featured speaker during the second annual Cybersecurity Law Institute sponsored by the Georgetown University Law Center. Cybersecurity continues to stay in the news in 2014 as the White House calls for a “Consumer Privacy Bill of Rights” for the digital age. What […]
SIA Announces Revised Privacy Framework
The Security Industry Association (“SIA”) announced the revised SIA Privacy Framework on April 1, 2014. Building on the initial framework released in 2010, the revised SIA Privacy Framework is designed to provide guidance to companies seeking to establish adequate privacy policies to protect personally identifiable information and other sensitive data. This release outlines a core […]
Financial Regulators Release Statements on Cyber-Attacks
On April 2, 2014, the Federal Financial Institutions Examination Council (“FFIEC”) issued a press release, alerting that FFIEC members are issuing joint statements on the risks associated with cyber-attacks on Automated Teller Machine (“ATM”) and card authorization systems and the continued distributed denial of service (“DDoS”) attacks on websites. These joint statements highlight the risks […]
OCR and ONC Release New Security Risk Assessment Tool
Late last week, the HHS Office for Civil Rights (OCR) and Office of the National Coordinator for Health Information Technology (ONC) released a security risk assessment (SRA) tool designed to help health care providers conduct risk assessments as required by the HIPAA Security Rule. Under the Security Rule, health care providers must perform risk assessments […]