Hunton Andrews Kurth writes: On December 15, 2020, the Federal Trade Commission announced a proposed settlement with Ascension Data & Analytics, LLC, a Texas-based mortgage industry data analytics company (“Ascension”), to resolve allegations that the company failed to ensure one of its vendors was adequately securing personal information of mortgage holders. The FTC alleged that Ascension’s vendor, OpticsML,…
Category: Breach Laws
Federal Financial Agencies Propose Requirement for Computer Security Incident Notification
A press release from the FDIC on December 18: Federal financial regulatory agencies today announced a proposal that would require supervised banking organizations to promptly notify their primary federal regulator in the event of a computer security incident. In particular, alerts would be required for incidents that could result in a banking organization’s inability to…
Survey: To Report or Not Report Health Care Data Breaches
To Report or Not Report Health Care Data Breaches December 11, 2020 Amanda Walden, PhD, RHIA, CHDA , Kendall Cortelyou-Ward, PhD , Meghan Hufstader Gabriel, PhD , Alice Noblin, PhD, RHIA, CCS, PMP The American Journal of Managed Care, December 2020, Volume 26, Issue 12 This study presents information regarding the decisions that health care privacy officers make about reporting a data breach, including…
Michigan Considers Enhanced Data Breach Notification Law
Joseph Lazzarotti and Maya Atrakchi of JacksonLewis write: Privacy and security continue to be at the forefront for legislatures across the nation, despite (or perhaps because of) the COVID-19 pandemic. In late May, with back-to-back amendments, Washington D.C. and Vermont significantly overhauled their data breach notification laws, including expansion of the definition of personal information,…
Walmart Sued Under CCPA After Data Breach
Phil Muncaster reports: Walmart has become the latest big-name brand accused of violating California’s new data breach regulations. The retail giant is the subject of a new complaint alleging that customers now face “significant injuries and damage” after an unspecified incident. Customer names, addresses, financial and other information were among the haul for attackers, according…
Citing NY’s SHIELD Act, NYSBA Approves Cybersecurity CLE Requirement for All Attorneys
Caroline Morgan of Fox Rothschild reports that the New York State Bar Association (NYSBA) has approved a new requirement that New York attorneys take one cybsersecurity CLE credit. The proposal is presently before the New York CLE board for consideration. Read more on Privacy Compliance & Data Security.