There are so many webinars each week that I generally don’t sign up for many or even post links to them, but this one really caught my eye because there have been so many recent changes at the state level. The New Breed of State Health Privacy Laws Thursday, July 27, 2023 at 2 PM…
Category: State/Local
Eleventh Circuit Requests Refined Class Definition For Data Breach Class Action
Gerald L. Maatman, Jr., Alex W. Karasik, and George J. Schaller of Duane Morris write: In Steinmetz et al. v. Brinker International, Inc., No. 21-13146, 2023 U.S. App. LEXIS 17539 (11th Cir. July 11, 2023), the Eleventh Circuit vacated the district court’s order certifying a nationwide class and California-only class in a data breach case. In so…
Texas Tightens State’s Data Breach Notification Law
Joseph Lazzarotti and Phillip A. Baggett of Jackson Lewis write: On May 27, 2023, Texas’ Governor signed Senate Bill 768 amending Texas’ data breach notification law. The law in question, Section 521.053 of the Texas Business and Commerce Code, sets out the specific requirements any person conducting business in the state who owns or licenses sensitive personal…
Pennsylvania Senate committee approves Phillips-Hill’s measure to protect student data, privacy
The Senate Education Committee approved the Student Data Privacy and Protection Act, according to the measure’s sponsor Sen. Kristin Phillips-Hill (R-York). Senate Bill 565 modernizes Pennsylvania law to accommodate student information being stored online, as well as students learning and attending school online. As is currently stands, student-related data is being generated, collected, and stored within…
NYSDFS Fines Lender and Mortgage Servicer $4.25M for Cybersecurity Failures Including Vendor Management
Joseph Lazzarotti of JacksonLewis writes: Yesterday, New York’s Department of Financial Services (“DFS”) announced another enforcement action under the state’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (“Reg 500”). According to the press release, OneMain Financial Group LLC (“OneMain”) will pay a $4.25 million penalty to New York State for alleged violations of Reg 500. In…
NYS settles charges against PracticeFirst stemming from 2020 ransomware incident
In July 2021, Professional Business Systems, Inc. d/b/a Practicefirst Medical Management Solutions and PBS Medcode Corp., a medical management company that processes data for health care providers, issued a press release about a hacking incident that occurred in December 2020. As DataBreaches noted at the time, it appeared that they likely paid ransom because one line in their statement…