On September 13, 2016, Governor Andrew Cuomo announced the issuance of proposed “first-in-the-nation” cybersecurity regulations for entities regulated by the New York Department of Financial Services (DFS), including jurisdictional banks, insurance companies, and other financial institutions. The proposed regulation will be subject to a 45-day comment period prior to being issued as a final rule. […]
Privacy & Cyber Regulatory Enforcement
Centers for Medicare and Medicaid Services Issues Emergency Preparedness Requirements That Address Cyber-Attacks
The Centers for Medicare and Medicaid Services (“CMS”) issued a final rule on September 8th, 2016 establishing national emergency preparedness requirements for providers and suppliers participating in Medicare and Medicaid in response to “inconsistency in the level of emergency preparedness amongst healthcare providers.” The rule will be officially published in the Federal Register on September […]
Eighth Circuit Decision Interpreting Spokeo Shows Impact of Supreme Court Decision on Privacy Actions
In issuing its decision in Braitberg v. Charter Communications, the Eighth Circuit recently became the first federal appellate court to issue a published opinion interpreting Spokeo and, as predicted, shows that the Supreme Court’s ruling will have a significant impact on the viability of privacy-related claims. In Braitberg, the plaintiff alleged that Charter indefinitely retained […]
Austrian Supreme Court Refers Schrems Consumer Class Action to ECJ
Just under a year ago today, the European Court of Justice (ECJ) issued its Schrems decision, which invalidated Safe Harbor and led to substantial developments in US-EU data-transfer mechanisms. In parallel to the ECJ Safe Harbor litigation, Mr. Schrems has maintained two further legal proceedings in the EU: (1) a challenge in the Irish courts […]
FTC seeks public comment on Safeguards Rule and proposed changes
On August 29, 2016, the FTC announced it is seeking public comment on its Safeguards Rule as part of a systematic review of all FTC rules and guides. The Safeguards Rule came into force in 2003 after the Gramm-Leach-Bliley Act (GLBA) required that the FTC and other agencies establish administrative, technical, and physical information security […]