On Thursday, April 16, 2015, the Office for Civil Rights (OCR) of the U.S. Department of Health and Human Services (HHS) issued guidance, consisting of two frequently asked questions (FAQs), on the application of the HIPAA Privacy, Security, and … [Read more] about HHS Issues Guidance on HIPAA and Workplace Wellness Programs
FTC Proposes Settlement with Two Companies Over False Safe-Harbor Claims
On April 7, 2015, two U.S. companies agreed to settle Federal Trade Commission (“FTC”) allegations that they falsely claimed to be in compliance with the U.S.-EU Safe Harbor Framework and the U.S.-Swiss Safe Harbor Framework. In the concurrently … [Read more] about FTC Proposes Settlement with Two Companies Over False Safe-Harbor Claims
PCI-DSS Standard Updated To Address SSL Vulnerabilities
On April 15, 2015, the Payment Card Industry Security Standards Council (PCI-SSC) updated the PCI Data Security Standard (PCI-DSS) from version 3.0 to version 3.1. The new version is effective immediately. PCI DSS Version 3.0 will be retired on June … [Read more] about PCI-DSS Standard Updated To Address SSL Vulnerabilities
FCC Adopts Consent Order with AT&T Over Alleged Data Security Violations
The Federal Communications Commission (FCC) announced on April 8 that it had adopted a consent decree between its Enforcement Bureau and AT&T Services, Inc. (AT&T), including a civil penalty of $25 million and a requirement to adopt a … [Read more] about FCC Adopts Consent Order with AT&T Over Alleged Data Security Violations
Kim Peretti and Dominique Shelton Speaking at Georgetown’s 2015 Cybersecurity Law Institute
Kim Peretti and Dominique Shelton will be featured speakers at the 3rd Annual Cybersecurity Law Institute, hosted by Georgetown Law Continuing Legal Education, and co-sponsored by the American Bar Association Cybersecurity Legal Task Force, Bloomberg … [Read more] about Kim Peretti and Dominique Shelton Speaking at Georgetown’s 2015 Cybersecurity Law Institute