Commentaries and Analyses – Page 602

Tennessee Breach-Notification Law Indicative of Data-Security Regulators’ Lack of Creativity

Posted on June 14, 2016 by Dissent

David Zetoony of Bryan Cave writes: There is no shortage of data-privacy and security laws in the United States. By our count there are now about 300 state and federal statutes. They include breach-notification laws, data-disposal laws, data-safeguard laws, payment card information-protection laws … the list goes on and on. Many of these laws, and…

A Computer Security Start-Up Turns the Tables on Hackers

Posted on June 13, 2016 by Dissent

Nicole Perlroth reports: Standing before a crowded room of entrepreneurs and investors at a conference in San Francisco last summer, former Vice President Al Gore described how climate change could be contained, possibly even reversed. Next to take the stage was Kevin Mandia, the founder of Mandiant, a security company acquired by another security company called FireEye,…

Privacy Concerns Arise over Annapolis, Md., Parking Website

Posted on June 9, 2016 by Dissent

Chase Cook reports: Annapolis resident Linda Farrell was excited to use the city’s new online residential parking website. But when she opened the online form, she noticed her web browser telling her the website wasn’t secure. This after asking for her address, vehicle license plate and driver’s license number — information she felt was personal….

Second Circuit Holds Insurers Have Duty to Defend Data Trap Lawsuit

Posted on June 8, 2016 by Dissent

Traub Lieberman Straus & Shrewsberry LLP write: In its recent decision in Nat’l Fire Ins. Co. v. E. Mishan & Sons, Inc., 2016 U.S. App. LEXIS 10151 (2d Cir. June 1, 2016), the United States Court of Appeals for the Second Circuit, applying New York law, had occasion to consider the application of an exclusion…

House Energy And Commerce Committee Reviews Cybersecurity Practices At HHS

Posted on June 7, 2016 by Dissent

King & Spalding write: On May 25, 2016, the House Energy and Commerce Subcommittee on Health held a hearing to examine the Department of Health and Human Services’ (“HHS”) cybersecurity responsibilities. The hearing focused on legislation that would create a new office within HHS, the Office of the Chief Information Security Officer (“CISO”), consolidating information…

ERISA and Cybersecurity

Posted on June 6, 2016 by Dissent

Larry Goldstein of McGuireWoods LLP writes: Employee benefit plan data stored online may include participants’ names and Social Security numbers, account information and protected health information (PHI), all of which are inviting targets for hackers. Highly-publicized data breaches in recent years have called attention to the obligations of benefit plan administrators (typically the employers sponsoring…