Technological Evolution

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Technological Evolution"

Transcription

1 Technological Evolution The Impact of Social Media, Big Data and Privacy on Business Data Security: Before and After a Breach Occurs Archis A. Parasharami Partner Mayer Brown LLP David Hale Chief Privacy Officer & Associate General Counsel TD Ameritrade Bob Kriss Partner Mayer Brown LLP

2 David Hale Chief Privacy Officer and Associate General Counsel TD Ameritrade Bob Kriss Partner Mayer Brown LLP Archis Parasharami Partner Mayer Brown LLP 2

3 3

4 Data Security Prevention Response Litigation 4

5 Prevention Dual objectives Minimize risk of data breach Prepare an effective defense to regulatory and class action litigation if a breach occurs 5

6 The Gathering Storm In the past, most consumer class actions were dismissed on standing grounds or failure to plead damage elements or were settled Banks rarely sued merchants for credit card losses Recent series of high profile data breaches may be changing attitudes of regulators, judges and litigants Four recent cases have increased the risk of having to defend on the merits 6

7 Recent Cases FTC v. Wyndham Worldwide Corp., 10 F. Supp. 3d (D.N.J.2014): FTC contends that failure to take reasonable steps to mitigate risk of data breach constitutes unfair practice under the FTC Act Reasonableness to be determined in a manner analogous to common law negligence actions District court refuses to dismiss claims 3d Cir. argument last week; hints that case may be sent back to agency to have claims decided through administrative process 7

8 Recent Cases In re Adobe Sys. Privacy Litig., ---F. Supp. 2d---, 2014 WL (N.D. Cal. Sept. 4, 2014) (Koh, J.) Broad view of standing Increased risk of future harm from 2013 data breach was enough for named plaintiffs standing Also pointed to potential for claiming as damages the costs of mitigation i.e., services obtained to prevent identity theft Next stop: Potentially invasive and burdensome merits discovery 8

9 Recent Cases In re LinkedIn User Privacy Litig., 2014 WL (N.D. Cal. Mar. 28, 2014) Misrepresentation/false advertising claim based upon published privacy policy Policy stated: All information that you provide will be protected with industry standard protocols and technology. Plaintiff alleged that but for that statement, she would not have purchased LinkedIn s premium service Court holds that is enough for standing based upon payment of fee without regard to whether consumer suffered identity theft 9

10 Recent Cases In re Target Corp. Customer Data Sec. Breach Litig. --- F. Supp. 3d ---, 2014 WL (D. Minn. Dec. 2, 2014) Multi-district litigation Banks seek recovery of losses associated with cost of replacing credit cards and paying unauthorized charges Harder to attack standing Negligence claim allowed to go forward 10

11 What Are Reasonable Measures? Wyndham position: FTC must state standards as part of rule-making process District Court accepts approach analogous to common law negligence analysis Compliance with industry standards is relevant but not necessarily dispositive What are industry standards? 11

12 What Are Reasonable Measures? Must identify and comply with legal requirements Examples of legal requirements If doing business with Massachusetts customers, must encrypt PII when transmitting over public lines or wirelessly and encrypt PII stored on mobile devices If collecting PHI, must have Business Associate Agreement with third party service providers obligating them to take reasonable steps as required under HIPAA If doing business in financial services, must prepare comprehensive data security plan and conduct regular tests 12

13 What Are Reasonable Measures? Perform risk assessment Select credible set of standards to assess whether additional safeguards should be implemented Example of credible set of standards: PCI DSS Several states require compliance, and one state grants immunity if company was certified before breach Financial institutions rely upon them to avoid substantial losses Most standards can be applied to any type of sensitive information, not just credit card information 13

14 Incorporate a Litigation Perspective from the Beginning The written information security plan ( WISP ) and related documents may be key evidence in a regulatory proceeding or class action Engagement letter should indicate that the outside data security consultant should be retained to assist counsel in providing legal advice Strengthens argument that drafts and preliminary analyses and observations are protected attorney client communications (See, e.g., United States v. Kovel, 296 F.2d 918 (2d Cir. 1961) 14

15 Incorporate a Litigation Perspective from the Beginning Avoid premature recommendations from your experts Document reasons why safeguards addressed in standards are not implemented (Note: HIPAA requires such documentation with respect to specified addressable issues such as encryption) Do not refer to addressable issues as gaps or absent safeguards or any other term that could be misunderstood 15

16 Incorporate a Litigation Perspective from the Beginning Avoid characterizing the overall level of protection For example, the NIST Framework discusses evaluation of a system in terms of Tiers of sophistication Characterizing your system as a 1 or a 2 could be misused by an opponent in a litigation context Better to consider each potential safeguard described in a credible set of standards as an addressable issue and if you decide not to implement the safeguard, document the reason in an accurate and positive manner 16

17 Examples of Important Addressable Issues Comprehensive mapping of sensitive information Encryption Password strength Dual authentication Limited access on a need to know basis Phishing Limits on website access from work devices 17

18 Data Breach Response Importance of having a written plan Identify leader of data breach response plan Chief Security Officer can be an effective team leader Chief Security Officer should always work closely with a representative of the General Counsel s office Identify other potential team members Team leader should have flexibility to select members based upon nature and severity of breach 18

19 Data Breach Response Person (generally legal counsel) should be designated as responsible for making a contemporaneous written record of important events and decisions Before altering hardware, software or data as part of remediation effort, develop plan for preserving important evidence (e.g., imaging drives, preserving back-up tapes) Consider carefully the timing of remediation (e.g., sometimes it is necessary to wait until the full extent of a malware infection is known so that the intruder s access can be terminated completely before tipping the intruder) 19

20 Data Breach Response Notice requirements applicable to your business should be considered before a data breach occurs Potential recipients: customers, regulators (including SEC, HHS, state attorneys general), business partners whose contracts require notice (e.g., participants in credit card payment system) Generally, law enforcement should be informed after you determine the scope of the breach unless assistance from law enforcement might be helpful in determining the cause and extent of the breach 20

21 Data Breach Response Generally notice to the public should not be given until the scope of the breach is determined with confidence Exception: When earlier notice will mitigate loss to affected persons and enough is known to be certain that a breach has occurred and at least some PII has been taken or lost 21

22 Data Breach Response All members of the data breach response team, including outside consultants should understand that the documents they create may become evidence in a legal proceeding All documents should be factual and accurate Speculation as to causes and scope of breach should be avoided 22

23 Data Breach Response There should be a meeting of team members after the remediation effort is completed to discuss lessons learned Legal counsel should be responsible for preparing a memorandum summarizing how the breach was identified, the scope of the breach, how the breach was remediated and lessons learned from the incident Avoid premature recommendations for changes since failure to implement a recommendation could prove damaging in litigation 23

24 Data Breach Response Practice/test the data breach response plan through hypothetical table top exercises Exercise should involve same personnel who would be involved in an actual breach response To test the team s diagnostic abilities, the cause of the hypothetical breach should not be disclosed to the team Internal and external intrusion and lost data scenarios should be tested 24

25 Risks of Private Litigation Every major data breach leads to class actions. In 2014: Target Sony ebay Home Depot Neiman Marcus 25

26 Standing as a Key Defense In the past, many data-breach class actions foundered for lack of standing Article III of the U.S. Constitution requires that plaintiffs have suffered an actual injury-in-fact to sue in federal court The Supreme Court held in Clapper v. Amnesty Int l USA (2013) that plaintiffs who feared that their communications would be subject to government surveillance lacked standing to sue, because a theory of future injury is too speculative to satisfy Article III 26

27 Standing as a Key Defense Clapper says: [a]llegations of possible future injury are not sufficient to confer standing; instead, the threatened injury must be certainly impending. Defendants have argued that Clapper s holding should be applied in privacy/data breach cases Plaintiffs lawyers have argued that Clapper should be limited to the NSA context in which it arose 27

28 Standing as a Key Defense Defendants have argued that Clapper s holding should be applied in privacy/data breach cases Plaintiffs lawyers have argued that Clapper should be limited to the NSA context in which it arose Many courts have applied Clapper to hold that, in the absence of an allegation of identity theft, plaintiffs cannot assert standing based simply on a perceived increased risk of harm 28

29 Standing as a Key Defense Typical holdings (both before and after Clapper) [S]peculation of future harm does not constitute actual injury, and thus a claim of actual injury in the form of increased risk of identify theft is insufficient to establish standing. In re Barnes & Noble, 2013 WL , at*5 (N.D. Ill. Sept. 3, 2013) (citing Clapper) In the identity theft context, courts have embraced the general rule that an alleged increase in risk of future injury is not an actual or imminent injury. Key v. DSW, Inc., 454 F. Supp. 2d 684, 689 (S.D. Ohio 2006) 29

30 Standing as a Key Defense Many courts have held that, so long as an individual was reimbursed by his or her debit/credit card company for allegedly improper charges, there is no standing In order to have suffered an actual injury, Plaintiffs must have had an unreimbursed charge on their credit card or debit cards. Lewert v. P.F. Chang s China Bistro, Inc., 2014 WL , at *3 (N.D. Ill. Dec. 10, 2014) 30

31 Pushback Against Standing? But some courts disagree increasingly so in the last two years (e.g., LinkedIn; Adobe) Adobe court holds that Ninth Circuit s decision in Krottner v. Starbucks Corp. (2010) survives Clapper In Krottner, Ninth Circuit holds that the fact of a stolen laptop (without additional evidence of identity theft) was enough to create Article III standing Plaintiffs have alleged a credible threat of real and immediate harm stemming from the theft of a laptop containing their unencrypted personal data essentially an increased risk of identity theft was enough to satisfy the injury-in-fact requirement In the identity theft context, courts have embraced the general rule that an alleged increase in risk of future injury is not an actual or imminent injury. Key v. DSW, Inc., 454 F. Supp. 2d 684, 689 (S.D. Ohio 2006). 31

32 Where Will the Seventh Circuit Land on Standing? Remijas v. Neiman Marcus Group, LLC (7th Cir. argued Jan. 23, 2015) Tough questioning for company from Judge Wood: 32

33 Will the Supreme Court Step In? Supreme Court is considering whether to grant certiorari in Spokeo Inc. v. Robins, raising issue of whether Congress can create standing to sue when all that is alleged is a statutory violation without any concrete harm Facts Supreme Court outlook In October, Court called for the views of the Solicitor General 33

34 Class Certification Proceedings No matter how the standing debate is resolved, some plaintiffs may be able to allege that their personal information was accessed and misused Defense argument: Differences between class members who did and did not suffer injury should predominate over common issues, preventing class certification Under Comcast Corp. v. Behrend, plaintiffs would have the burden of proving that there is a workable model for assessing damages on a classwide basis But some lower courts have been resistant to Comcast and have given it a narrow reading 34

35 Class Certification Proceedings If a business must settle a data breach class action, it will want to secure finality and certainty to the greatest extent possible Consider crafting broad class definitions (and accompanying releases) that do encompass users who cannot identify specific actual damages A federal court in Florida recently granted final approval to just such a settlement in a data breach class action stemming from looted laptops (see Curry v. AvMed, Inc., S.D. Fla. No. 1:10-cv ) AvMed paid $3 million to settle claims arising from a pre-2009 purchase of AvMed products ($10-$30 per customer) 35

36 Modifying Existing Service Agreements Many state AGs and other laws are requiring businesses to disclose the information they collect from customers Businesses should carefully consider any representations regarding the safety or security of data Such representations may provide a hook for false advertising or fraud suits. See In re LinkedIn Data Privacy Litig. (N.D. Cal. 2014) Companies also should consider arbitration agreements containing class action waivers, which can minimize the risk of all class actions, not just data breach litigation 36

37 Mayer Brown is a global legal services organization comprising legal practices that are separate entities ("Mayer Brown Practices"). The Mayer Brown Practices are: Mayer Brown LLP, a limited liability partnership established in the United States; Mayer Brown International LLP, a limited liability partnership incorporated in England and Wales; Mayer Brown JSM, a Hong Kong partnership, and its associated entities in Asia; and Tauil & Chequer Advogados, a Brazilian law partnership with which Mayer Brown is associated. "Mayer Brown" and the Mayer Brown logo are the trademarks of the Mayer Brown Practices in their respective jurisdictions.

2015 ROBINS KAPLANLLP TOOLS, TIPS, AND TRENDS: DATA PRIVACY AND CYBERSECURITY

2015 ROBINS KAPLANLLP TOOLS, TIPS, AND TRENDS: DATA PRIVACY AND CYBERSECURITY TOOLS, TIPS, AND TRENDS: DATA PRIVACY AND CYBERSECURITY PANEL MEMBERS Stacy Bettison, Founder and President, BETTISON Candice Ciresi, Head of Stratasys US Legal and Legal Counsel to SSYS, Inc and LATAM

More information

Recent Court Rulings May Affect Protection Responsibilities

Recent Court Rulings May Affect Protection Responsibilities FINPRO Practice april 2013 Recent Court Rulings May Affect Companies Cyber and Data Protection Responsibilities Contents: Krottner v. starbucks corp. page 2 Clapper v. amnesty international page 3 Amgen,

More information

Trends in Data Breach and Cybersecurity Regulation, Legislation and Litigation. Part 2

Trends in Data Breach and Cybersecurity Regulation, Legislation and Litigation. Part 2 Trends in Data Breach and Cybersecurity Regulation, Legislation and Litigation Part 2 April 17, 2014 For nearly a decade, we ve had major data breaches at companies both large and small. Millions of consumers

More information

REGULATION OF COMPANIES DATA SECURITY PRACTICES UNDER THE FTC ACT AND CALIFORNIA UNFAIR COMPETITION LAW By Kathryn F. Russo 1

REGULATION OF COMPANIES DATA SECURITY PRACTICES UNDER THE FTC ACT AND CALIFORNIA UNFAIR COMPETITION LAW By Kathryn F. Russo 1 REGULATION OF COMPANIES DATA SECURITY PRACTICES UNDER THE FTC ACT AND CALIFORNIA UNFAIR COMPETITION LAW By Kathryn F. Russo 1 I. Introduction News of data breaches dominates the headlines. Technology is

More information

CLASS ACTION DATA BREACH LITIGATION: IS THE TIDE TURNING IN PLANTIFFS FAVOR?

CLASS ACTION DATA BREACH LITIGATION: IS THE TIDE TURNING IN PLANTIFFS FAVOR? CLASS ACTION DATA BREACH LITIGATION: IS THE TIDE TURNING IN PLANTIFFS FAVOR? These days, it is rare to turn on the news and not hear about a new data breach affecting U.S. companies and consumers. In fact,

More information

Standing in Data Breach Cases: A Review of Recent Trends

Standing in Data Breach Cases: A Review of Recent Trends Standing in Data Breach Cases: A Review of Recent Trends Published in the Bloomberg BNA Class Action Litigation Report on September 25, 2015. By Simon J. Frankel, Robert D. Fram, Amanda C. Lynch For most

More information

Data Breach Litigation:

Data Breach Litigation: Data Breach Litigation: Empirical analysis and Current trends Tonia Klausner, Wilson Sonsini Goodrich & Rosati, PC Sasha Romanosky, RAND 11/6/2013 How is US policy addressing harms caused by data breaches?

More information

TRENDS IN CYBER LIABILITY Presented by Chris DiIenno Data Privacy and Network Security Group Lewis Brisbois Bisgaard & Smith

TRENDS IN CYBER LIABILITY Presented by Chris DiIenno Data Privacy and Network Security Group Lewis Brisbois Bisgaard & Smith TRENDS IN CYBER LIABILITY Presented by Chris DiIenno Data Privacy and Network Security Group Lewis Brisbois Bisgaard & Smith Types of Data at Stake Residents, constituents, employees PII Personally Identifiable

More information

Mind Your Business: Privacy, Data Security & Regulatory Compliance Best Practices & Guidance

Mind Your Business: Privacy, Data Security & Regulatory Compliance Best Practices & Guidance Mind Your Business: Privacy, Data Security & Regulatory Compliance Best Practices & Guidance National Bar Association - Commercial Law Section 2015 Corporate Counsel Conference February 26, 2015 www.alston.com

More information

Perspectives on Cybersecurity and Its Legal Implications

Perspectives on Cybersecurity and Its Legal Implications Survey Results 2015 Perspectives on Cybersecurity and Its Legal Implications a 2015 survey of corporate executives The National Institute of Standards and Technology (NIST), a non-regulatory agency of

More information

THE BBA TABLE OF CONTENTS CONTACT US The Boston Bar Journal

THE BBA TABLE OF CONTENTS CONTACT US The Boston Bar Journal THE BBA TABLE OF CONTENTS CONTACT US The Boston Bar Journal Legal Analysis Data Breach Class Action Litigation A Tough Road for Plaintiffs By Timothy H. Madden Introduction With the increased prevalence

More information

What Happens to Information Stolen in a Data Breach and Why It Matters in Litigation

What Happens to Information Stolen in a Data Breach and Why It Matters in Litigation What Happens to Information Stolen in a Data Breach and Why It Matters in Litigation By: Joseph H. Wieseman and Alex M. Barfield Hawkins Parnell Thackston & Young, LLP Joseph H. Wieseman is a partner at

More information

Data Breach Response Basic Principles Under U.S. State and Federal Law. ABA Litigation Section Core Knowledge January 2015 1

Data Breach Response Basic Principles Under U.S. State and Federal Law. ABA Litigation Section Core Knowledge January 2015 1 Data Breach Response Basic Principles Under U.S. State and Federal Law ABA Litigation Section Core Knowledge January 2015 1 I. Introduction Data breaches have become an unfortunate reality for many of

More information

Expert Analysis Employee Data Privacy Issues: Risk And Responsibility in Cyberincidents

Expert Analysis Employee Data Privacy Issues: Risk And Responsibility in Cyberincidents Westlaw Journal Employment Litigation News and Analysis Legislation Regulation Expert Commentary VOLUME 29, issue 15 / february 18, 2015 Expert Analysis Employee Data Privacy Issues: Risk And Responsibility

More information

Case: 1:07-cv-04110 Document #: 44 Filed: 03/12/09 Page 1 of 5 PageID #:<pageid>

Case: 1:07-cv-04110 Document #: 44 Filed: 03/12/09 Page 1 of 5 PageID #:<pageid> Case: 1:07-cv-04110 Document #: 44 Filed: 03/12/09 Page 1 of 5 PageID #: MARIO R. ALIANO, SR., IN THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF ILLINOIS EASTERN DIVISION Plaintiff,

More information

Recent Developments in Privacy/Security Litigation

Recent Developments in Privacy/Security Litigation Recent Developments in Privacy/Security Litigation Elizabeth F. Hodge February 25, 2015 Privacy & Security Enforcement HIPAA Office for Civil Rights State Attorneys General Federal Trade Commission (FTC)

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation MELISSA J. KRASNOW, DORSEY & WHITNEY LLP

More information

Technological Evolution

Technological Evolution Technological Evolution The Impact of Social Media, Big Data and Privacy on Business Consumer Privacy & Big Data Advice, Regulatory and Resulting Litigation Denise Banks Chief Privacy Officer BMO Financial

More information

Trends in Data Breach and CybersecurityRegulation, Legislation and Litigation. Part I

Trends in Data Breach and CybersecurityRegulation, Legislation and Litigation. Part I Trends in Data Breach and CybersecurityRegulation, Legislation and Litigation Part I March 20, 2014 Speakers John J. Sullivan, Partner, rejoined Mayer Brown after serving as General Counsel at the US Department

More information

Long-Expected Omnibus HIPAA Rule Implements Significant Privacy and Security Regulations for Entities and Business Associates

Long-Expected Omnibus HIPAA Rule Implements Significant Privacy and Security Regulations for Entities and Business Associates Legal Update February 11, 2013 Long-Expected Omnibus HIPAA Rule Implements Significant Privacy and Security Regulations for Entities and Business Associates On January 17, 2013, the Department of Health

More information

A Year in Review: Data Breaches and Lessons Learned Monday, October 29, 2012 9:00-10:00 a.m.

A Year in Review: Data Breaches and Lessons Learned Monday, October 29, 2012 9:00-10:00 a.m. International Association of Privacy Professionals Practical Privacy Series A Year in Review: Data Breaches and Lessons Learned Monday, October 29, 2012 9:00-10:00 a.m. Michael A. Vatis 212 506 3927 mvatis@steptoe.com

More information

TODAY S AGENDA. Trends/Victimology. Incident Response. Remediation. Disclosures

TODAY S AGENDA. Trends/Victimology. Incident Response. Remediation. Disclosures TODAY S AGENDA Trends/Victimology Incident Response Remediation Disclosures Trends/Victimology ADVERSARY CLASSIFICATIONS SOCIAL ENGINEERING DATA SOURCES COVERT INDICATORS - METADATA METADATA data providing

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP

More information

Data Breaches: Managing Them Internally and in Response to Civil/Criminal Investigations

Data Breaches: Managing Them Internally and in Response to Civil/Criminal Investigations Data Breaches: Managing Them Internally and in Response to Civil/Criminal Investigations 2013 AHLA Academic Medical Centers Conference Jane E. Jordan Emory University William H. Jordan Alston & Bird LLP

More information

United States Court of Appeals

United States Court of Appeals In the United States Court of Appeals For the Seventh Circuit No. 14 3122 HILARY REMIJAS, on behalf of herself and all others similarly situated, et al., Plaintiffs Appellants, v. NEIMAN MARCUS GROUP,

More information

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation

Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP A Note discussing written information security programs (WISPs)

More information

Data Breach Response Planning: Laying the Right Foundation

Data Breach Response Planning: Laying the Right Foundation Data Breach Response Planning: Laying the Right Foundation September 16, 2015 Presented by Paige M. Boshell and Amy S. Leopard babc.com ALABAMA I DISTRICT OF COLUMBIA I FLORIDA I MISSISSIPPI I NORTH CAROLINA

More information

CLOUD SECURITY LAW MICHAEL KEELING, PE, ESQ. KEELING LAW OFFICES, PC PHOENIX AND CORONADO

CLOUD SECURITY LAW MICHAEL KEELING, PE, ESQ. KEELING LAW OFFICES, PC PHOENIX AND CORONADO CLOUD SECURITY LAW MICHAEL KEELING, PE, ESQ. KEELING LAW OFFICES, PC PHOENIX AND CORONADO NOTE: Information contained in this presentation is intended for informational purposes ONLY. It is not intended

More information

Cybersecurity and Privacy 2015: Presentation to Institute of International Bankers

Cybersecurity and Privacy 2015: Presentation to Institute of International Bankers Cybersecurity and Privacy 2015: Presentation to Institute of International Bankers Sue Ross Senior Counsel Norton Rose Fulbright US LLP October 27, 2015 Speaker Sue Ross Senior Counsel Norton Rose Fulbright

More information

Data Privacy and Cybersecurity Task Force

Data Privacy and Cybersecurity Task Force Data Privacy and Cybersecurity Task Force key contact Josephine Cicchetti Shareholder T: 202.965.8162 F: 202.965.8104 email We provide clients across industries with comprehensive counsel on complex, evolving,

More information

Lessons From Recent Data Security Cases

Lessons From Recent Data Security Cases Lessons From Recent Data Security Cases Mobile Payments Law, Law Seminars International Palo Alto, California, November 22, 2013 Randy Gainer, Attorney, CISSP Topics What types of alleged damages allow

More information

Competitive Intelligence Acquisition and Reverse Engineering

Competitive Intelligence Acquisition and Reverse Engineering Competitive Intelligence Acquisition and Reverse Engineering Pitfalls and Best Practices in the US, the UK and Germany Richard M. Assmus Andrea C. Hutchison Dr. Ulrich Worm May 20, 2010 Sangeeta Puran

More information

The Practical Realities of Cybersecurity

The Practical Realities of Cybersecurity & present The Practical Realities of Cybersecurity Best practices for crafting policies and procedures to protect your company Andrew Morentz, Member Telecommunications Law Professionals PLLC email amorentz@telecomlawpros.com

More information

Cyber and CGL Insurance Coverage for Data Breach Claims

Cyber and CGL Insurance Coverage for Data Breach Claims Cyber and CGL Insurance Coverage for Data Breach Claims Paula Weseman Theisen, Partner Data breach overview Definition of data breach/types Data breach costs Data breach legal claims and damages Cyber-insurance

More information

Lawyers and Social Media: The Legal Ethics of Tweeting, Facebooking and Blogging

Lawyers and Social Media: The Legal Ethics of Tweeting, Facebooking and Blogging Lawyers and Social Media: The Legal Ethics of Tweeting, Facebooking and Blogging Anthony Diana, Partner 212 506 2542 adiana@mayerbrown.com Michael Lackey, Partner 202 263 3224 mlackey@mayerbrown.com Mayer

More information

Managing Legal Risks in Light of Recent Security Breaches. Daniel Lim

Managing Legal Risks in Light of Recent Security Breaches. Daniel Lim Managing Legal Risks in Light of Recent Security Breaches Daniel Lim Agenda Review of Recent Data Breaches Recent Cases & Legal Standards Class Actions Consumer Data Investigations PHI, PII What To Do

More information

In the Hannaford decision discussed herein, Judge Hornby succinctly

In the Hannaford decision discussed herein, Judge Hornby succinctly Developments in Data Breach Liability ALAN CHARLES RAUL, EDWARD McNICHOLAS, DAVID E. TEITELBAUM, AND BLAYNE V. SCOFIELD As data breaches continue apace, so do enforcement action and litigation. This article

More information

Cybersecurity and Privacy Enforcement: A Roundup of 2014 Cases Francis J. Burke, Jr. i and Steven M. Millendorf, CIPP/US ii

Cybersecurity and Privacy Enforcement: A Roundup of 2014 Cases Francis J. Burke, Jr. i and Steven M. Millendorf, CIPP/US ii Cybersecurity and Privacy Enforcement: A Roundup of 2014 Cases Francis J. Burke, Jr. i and Steven M. Millendorf, CIPP/US ii Hardly a day goes by without another front-page headline regarding a cybersecurity

More information

NSA Data Collection and its Impact on Cloud and Outsourcing and Recent Privacy and Security Developments on Capitol Hill

NSA Data Collection and its Impact on Cloud and Outsourcing and Recent Privacy and Security Developments on Capitol Hill NSA Data Collection and its Impact on Cloud and Outsourcing and Recent Privacy and Security Developments on Capitol Hill Marcus Christian Partner +1 202 263 3731 mchristian@mayerbrown.com Howard W. Waltzman

More information

Ethics & Social Media With A Hint Of Privacy Law

Ethics & Social Media With A Hint Of Privacy Law Ethics & Social Media With A Hint Of Privacy Law Ethics Program Debra Bogo-Ernst, Mayer Brown Michael Lackey, Mayer Brown Speakers dernst@mayerbrown.com T +1 312 701 7403 F +1 312 706 8474 mlackey@mayerbrown.com

More information

UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF OHIO EASTERN DIVISION

UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF OHIO EASTERN DIVISION Case: 2:13-cv-00118-MHW-MRA Doc #: 40 Filed: 02/10/14 Page: 1 of 31 PAGEID #: 402 UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF OHIO EASTERN DIVISION Mohammad S. Galaria, individually and on behalf

More information

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem.

3/4/2015. Scope of Problem. Data Breaches A Daily Phenomenon. Cybersecurity: Minimizing Risk & Responding to Breaches. Anthem. Cybersecurity: Minimizing Risk & Responding to Breaches March 5, 2015 Andy Chambers Michael Kelly Jimmie Pursell Scope of Problem Data Breaches A Daily Phenomenon Anthem JP Morgan / Chase Sony Home Depot

More information

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer?

Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information

More information

The Effect of Product Safety Regulatory Compliance

The Effect of Product Safety Regulatory Compliance PRODUCT LIABILITY Product Liability Litigation The Effect of Product Safety Regulatory Compliance By Kenneth Ross Product liability litigation and product safety regulatory activities in the U.S. and elsewhere

More information

SSSHHHHH THERE S AN INSURANCE BROKER IN THE ROOM!

SSSHHHHH THERE S AN INSURANCE BROKER IN THE ROOM! ABA Section of Litigation 2012 Insurance Coverage Litigation Committee CLE Seminar, March 1-3, 2012: Hey! Give Me Back That Document! Privilege Issues in Insurance Coverage Disputes SSSHHHHH THERE S AN

More information

Payment Card Industry Data Security Standards

Payment Card Industry Data Security Standards Payment Card Industry Data Security Standards January 19, 2011 Marc S. Reisler, Holland & Knight Copyright 2011 Holland & Knight LLP All Rights Reserved Data Breaches Remain a Serious Concern PCI Standards

More information

Insurers Not Obligated to Defend in ZIP Code Coverage Suits

Insurers Not Obligated to Defend in ZIP Code Coverage Suits Insurers Not Obligated to Defend in ZIP Code Coverage Suits By Bryana Blessinger Hill & Lamb LLP Portland, Oregon Insurers are increasingly faced with privacy and data-breach related claims. One of the

More information

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day

Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Lloyd s of London (Reuters) May 8, 2000 Cyber Risk, Legal And Regulatory Issues, And Insurance Mitigation ISACA Pittsburgh Information Security Awareness Day Rivers Casino, Pittsburgh November 17, 2014

More information

Supreme Court Decision Affirming Judicial Right to Review EEOC Actions

Supreme Court Decision Affirming Judicial Right to Review EEOC Actions Supreme Court Decision Affirming Judicial Right to Review EEOC Actions The Supreme Court Holds That EEOC s Conciliation Efforts Are Subject to Judicial Review, Albeit Narrow SUMMARY A unanimous Supreme

More information

Challenging EEOC Conciliation Charges

Challenging EEOC Conciliation Charges Portfolio Media. Inc. 860 Broadway, 6th Floor New York, NY 10003 www.law360.com Phone: +1 646 783 7100 Fax: +1 646 783 7161 customerservice@law360.com Challenging EEOC Conciliation Charges Law360, New

More information

Case 2:07-cv-10945-SFC-MKM Document 132 Filed 05/27/2008 Page 1 of 7 UNITED STATES DISTRICT COURT EASTERN DISTRICT OF MICHIGAN SOUTHERN DIVISION

Case 2:07-cv-10945-SFC-MKM Document 132 Filed 05/27/2008 Page 1 of 7 UNITED STATES DISTRICT COURT EASTERN DISTRICT OF MICHIGAN SOUTHERN DIVISION Case 2:07-cv-10945-SFC-MKM Document 132 Filed 05/27/2008 Page 1 of 7 UNITED STATES DISTRICT COURT EASTERN DISTRICT OF MICHIGAN SOUTHERN DIVISION DURA GLOBAL, TECHNOLOGIES, INC., et al., Plaintiffs, CIVIL

More information

Cybersecurity: Protecting Your Business. March 11, 2015

Cybersecurity: Protecting Your Business. March 11, 2015 Cybersecurity: Protecting Your Business March 11, 2015 Grant Thornton. All LLP. rights All reserved. rights reserved. Agenda Introductions Presenters Cybersecurity Cybersecurity Trends Cybersecurity Attacks

More information

The Matrix Reloaded: Cybersecurity and Data Protection for Employers. Jodi D. Taylor

The Matrix Reloaded: Cybersecurity and Data Protection for Employers. Jodi D. Taylor The Matrix Reloaded: Cybersecurity and Data Protection for Employers Jodi D. Taylor Why Talk About This Now? Landscape is changing Enforcement by federal and state governments on the rise Legislation on

More information

Brief. The BakerHostetler Data Security Incident Response Report 2015

Brief. The BakerHostetler Data Security Incident Response Report 2015 Brief The BakerHostetler Data Security Incident Response Report 2015 The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 the year of the

More information

Black Hats, Firewalls, and Data Loss: Insurers Confront Data Breach Litigation

Black Hats, Firewalls, and Data Loss: Insurers Confront Data Breach Litigation Thomas W. Curvin Phillip E. Stano Mark Thibodeaux Tracey K. Ledbetter December 9, 2014 Black Hats, Firewalls, and Data Loss: Insurers Confront Data Breach Litigation INSURANCE AND FINANCIAL SERVICES LITIGATION

More information

Defensive Strategies in False Marking Suits After Stauffer and Pequignot

Defensive Strategies in False Marking Suits After Stauffer and Pequignot Defensive Strategies in False Marking Suits After Stauffer and Pequignot Contributed by Angie M. Hankins, Stroock & Stroock & Lavan LLP Many companies inadvertently mark their products with expired patents.

More information

Data Breach Cost. Risks, costs and mitigation strategies for data breaches

Data Breach Cost. Risks, costs and mitigation strategies for data breaches Data Breach Cost Risks, costs and mitigation strategies for data breaches Tim Stapleton, CIPP/US Deputy Global Head of Professional Liability Zurich General Insurance Data Breaches: Greater frequency,

More information

UNITED STATES COURT OF APPEALS FOR THE THIRD CIRCUIT. No. 14-4173 MICHAEL J. MANDELBROT; MANDELBROT LAW FIRM,

UNITED STATES COURT OF APPEALS FOR THE THIRD CIRCUIT. No. 14-4173 MICHAEL J. MANDELBROT; MANDELBROT LAW FIRM, Case: 14-4173 Document: 003112102053 Page: 1 Date Filed: 10/15/2015 NOT PRECEDENTIAL UNITED STATES COURT OF APPEALS FOR THE THIRD CIRCUIT No. 14-4173 MICHAEL J. MANDELBROT; MANDELBROT LAW FIRM, v. Appellants

More information

The Age of Data Breaches:

The Age of Data Breaches: The Age of Data Breaches: HOW TO AVOID BEING THE NEXT HEADLINE MARCH 24, 2015 2015 Epstein Becker & Green, P.C. All Rights Reserved. ebglaw.com This presentation has been provided for informational purposes

More information

Case 2:13-cv-01887-ES-JAD Document 282-1 Filed 12/09/15 Page 1 of 18 PageID: 4861 THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY

Case 2:13-cv-01887-ES-JAD Document 282-1 Filed 12/09/15 Page 1 of 18 PageID: 4861 THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY Case 2:13-cv-01887-ES-JAD Document 282-1 Filed 12/09/15 Page 1 of 18 PageID: 4861 THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF NEW JERSEY Federal Trade Commission, Plaintiff, v. Wyndham Worldwide

More information

DATA PRIVACY ENFORCEMENT EFFORTS BY STATE ATTORNEYS GENERAL

DATA PRIVACY ENFORCEMENT EFFORTS BY STATE ATTORNEYS GENERAL DATA PRIVACY ENFORCEMENT EFFORTS BY STATE ATTORNEYS GENERAL State AGs have been very active in the leadership of data privacy protection initiatives across the country, and have dedicated considerable

More information

Data Security: Risks, Compliance and How to be Prepared for a Breach

Data Security: Risks, Compliance and How to be Prepared for a Breach Data Security: Risks, Compliance and How to be Prepared for a Breach Presented by: Sandy B. Garfinkel, Esq. The Data Breach Reality: 2015 AshleyMadison.com (July 2015) Member site facilitating personal

More information

HIPAA Privacy and Security Changes in the American Recovery and Reinvestment Act

HIPAA Privacy and Security Changes in the American Recovery and Reinvestment Act International Life Sciences Arbitration Health Industry Alert If you have questions or would like additional information on the material covered in this Alert, please contact the author: Brad M. Rostolsky

More information

Are Data Breaches a Real Concern? Protecting Your Sensitive Information. Phillips Auction House NY- 03/24/2015

Are Data Breaches a Real Concern? Protecting Your Sensitive Information. Phillips Auction House NY- 03/24/2015 Are Data Breaches a Real Concern? Protecting Your Sensitive Information Phillips Auction House NY- 03/24/2015 1 Agenda Current Data Breach Issues & Legal Implications Data Breach Case Study Risk Management

More information

Privacy & Data Security

Privacy & Data Security Privacy & Data Security May 9, 2014 Presented at: SWBA 39 TH ANNUAL CONFERENCE by: James E. Prendergast, Esq. Overview Data Privacy Concerns: Unauthorized access, use, acquisition or disclosure of information

More information

Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00)

Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00) Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00) May 15, 2009 LLP US Information Security Framework Historically industry-specific HIPAA Fair Credit Reporting

More information

HIPAA Security Rule Compliance

HIPAA Security Rule Compliance HIPAA Security Rule Compliance Caryn Reiker MAXIS360 HIPAA Security Rule Compliance what is it and why you should be concerned about it Table of Contents About HIPAA... 2 Who Must Comply... 2 The HIPAA

More information

FEDERAL CIRCUIT HOLDS THAT HEIGHTENED PLEADING REQUIREMENTS APPLY TO FALSE MARKING ACTIONS

FEDERAL CIRCUIT HOLDS THAT HEIGHTENED PLEADING REQUIREMENTS APPLY TO FALSE MARKING ACTIONS CLIENT MEMORANDUM FEDERAL CIRCUIT HOLDS THAT HEIGHTENED PLEADING REQUIREMENTS APPLY TO FALSE MARKING ACTIONS In a decision that will likely reduce the number of false marking cases, the Federal Circuit

More information

Technological Evolution

Technological Evolution Technological Evolution The Impact of Social Media, Big Data and Privacy on Business Cybersecurity: Promoting Prevention and Resilience Steven Chabinsky William Ridgway Marcus Christian James Woods General

More information

Navigating the New MA Data Security Regulations

Navigating the New MA Data Security Regulations Navigating the New MA Data Security Regulations Robert A. Fisher, Esq. 2009 Foley Hoag LLP. All Rights Reserved. Presentation Title Data Security Law Chapter 93H Enacted after the TJX data breach became

More information

Cybersecurity Assessment

Cybersecurity Assessment Cybersecurity Assessment What Will the Regulators Be Looking For? Legal Counsel to the Financial Services Industry Digital Commerce & Payments Series Webinar March 18, 2015 1 Introduction & Overview Today

More information

Case 2:10-cv-02263-JAR Document 98 Filed 05/04/11 Page 1 of 8 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF KANSAS

Case 2:10-cv-02263-JAR Document 98 Filed 05/04/11 Page 1 of 8 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF KANSAS Case 2:10-cv-02263-JAR Document 98 Filed 05/04/11 Page 1 of 8 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF KANSAS SANDRA H. DEYA and EDWIN DEYA, individually and as next friends and natural

More information

Litigation Trends in Cybersecurity and Privacy

Litigation Trends in Cybersecurity and Privacy Litigation Trends in Cybersecurity and Privacy The webinar will begin shortly. Please stand by. The slides will be sent to you after the event. Jeffrey L. Poston Clifford J. Zatz February 24, 2015 Jeff

More information

Anatomy of a Hotel Breach

Anatomy of a Hotel Breach Page 1 of 6 Anatomy of a Hotel Breach Written by Sandy B. Garfinkel Monday, 09 June 2014 15:22 Like 0 Tweet 0 0 Data breach incidents have dominated the news in 2014, and they are only becoming more frequent

More information

2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec.

2011 2012 Aug. Sept. Oct. Nov. Dec. Jan. Feb. March April May-Dec. The OCR Auditors are coming - Are you next? What to Expect and How to Prepare On June 10, 2011, the U.S. Department of Health and Human Services Office for Civil Rights ( OCR ) awarded KPMG a $9.2 million

More information

HIPAA Security Alert

HIPAA Security Alert Shipman & Goodwin LLP HIPAA Security Alert July 2008 EXECUTIVE GUIDANCE HIPAA SECURITY COMPLIANCE How would your organization s senior management respond to CMS or OIG inquiries about health information

More information

If You Shopped at Target from November 27 through December 18, 2013 or Received Notice That Your Personal Information Was Compromised,

If You Shopped at Target from November 27 through December 18, 2013 or Received Notice That Your Personal Information Was Compromised, UNITED STATES DISTRICT COURT FOR THE DISTRICT OF MINNESOTA If You Shopped at Target from November 27 through December 18, 2013 or Received Notice That Your Personal Information Was Compromised, You Could

More information

UNITED STATES DISTRICT COURT WESTERN DISTRICT OF NORTH CAROLINA CHARLOTTE DIVISION

UNITED STATES DISTRICT COURT WESTERN DISTRICT OF NORTH CAROLINA CHARLOTTE DIVISION UNITED STATES DISTRICT COURT WESTERN DISTRICT OF NORTH CAROLINA CHARLOTTE DIVISION BRIAN Z. FRANCE, v. MEGAN P. FRANCE, Plaintiff, Defendant. Case No. 3:11-CV-00186 PLAINTIFF S MEMORANDUM OF LAW IN SUPPORT

More information

3:13-cv-00999-TLW Date Filed 03/31/15 Entry Number 110 Page 1 of 36 UNITED STATES DISTRICT COURT DISTRICT OF SOUTH CAROLINA COLUMBIA DIVISION

3:13-cv-00999-TLW Date Filed 03/31/15 Entry Number 110 Page 1 of 36 UNITED STATES DISTRICT COURT DISTRICT OF SOUTH CAROLINA COLUMBIA DIVISION 3:13-cv-00999-TLW Date Filed 03/31/15 Entry Number 110 Page 1 of 36 UNITED STATES DISTRICT COURT DISTRICT OF SOUTH CAROLINA COLUMBIA DIVISION Richard G. Beck, Beverly Watson, ) Cheryl Gajadhar, Jeffery

More information

Signed into law on February 17, 2009, the Stimulus Package known

Signed into law on February 17, 2009, the Stimulus Package known Stimulus Package Expands HIPAA Privacy and Security and Adds Federal Data Breach Notification Law Marcy Wilder, Donna A. Boswell, and BarBara Bennett The authors discuss provisions of the Stimulus Package

More information

Case: 1:10-cv-00363-WHB Doc #: 31 Filed: 09/02/10 1 of 14. PageID #: 172

Case: 1:10-cv-00363-WHB Doc #: 31 Filed: 09/02/10 1 of 14. PageID #: 172 Case: 1:10-cv-00363-WHB Doc #: 31 Filed: 09/02/10 1 of 14. PageID #: 172 IN THE UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF OHIO EASTERN DIVISION JAMES MEYER, v. Plaintiff, DEBT RECOVERY SOLUTIONS

More information

Technological Evolution

Technological Evolution Technological Evolution The Impact of Social Media, Big Data and Privacy on Business Government Regulation, Enforcement and Legislation on Privacy, Cyber Security and Social Media Jeff Brueggeman Vice

More information

Preparing For and Responding to a Computer Security Incident:

Preparing For and Responding to a Computer Security Incident: Preparing For and Responding to a Computer Security Incident: MAKINGTHE FIRST 72 HOURS COUNT Marcus A. Christian Partner mchristian@mayerbrown.com Rajesh De Partner & Head of Global Cybersecurity & Data

More information

HIPAA PRIVACY AND SECURITY AWARENESS

HIPAA PRIVACY AND SECURITY AWARENESS HIPAA PRIVACY AND SECURITY AWARENESS Introduction The Health Insurance Portability and Accountability Act (known as HIPAA) was enacted by Congress in 1996. HIPAA serves three main purposes: To protect

More information

Cloudy With a Chance Of Risk Management

Cloudy With a Chance Of Risk Management Proudly presents Cloudy With a Chance Of Risk Management Toby Merrill, ACE USA John Mullen, Nelson Levine de Luca & Hamilton Shawn Melito, Immersion Ltd. Michael Trendler, ACE INA Canada What is Cloud

More information

trial court and Court of Appeals found that the Plaintiff's case was barred by the statute of limitations.

trial court and Court of Appeals found that the Plaintiff's case was barred by the statute of limitations. RESULTS Appellate Court upholds decision that malpractice action barred September 2, 2015 The South Carolina Court of Appeals recently upheld a summary judgment obtained by David Overstreet and Mike McCall

More information

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131

CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION. Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 CYBERSECURITY: THREATS, SOLUTIONS AND PROTECTION Robert N. Young, Director Carruthers & Roth, P.A. Email: rny@crlaw.com Phone: (336) 478-1131 TOPICS 1. Threats to your business s data 2. Legal obligations

More information

Data Breaches, Hacks and Vulnerabilities: Leading Strategies for Responding to a Data Breach

Data Breaches, Hacks and Vulnerabilities: Leading Strategies for Responding to a Data Breach Data Breaches, Hacks and Vulnerabilities: Leading Strategies for Responding to a Data Breach Presented by: S. Ashlie Beringer, Karl G. Nelson, Alexander H. Southwell February 29, 2012 Agenda Data Security

More information

Cybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues

Cybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues Cybersecurity and Data Breach: Mitigating Risk and How Government Policymakers Approach These Critical Issues Todd Bertoson Daniel Gibb Erin Sheppard Principal Senior Managing Associate Counsel todd.bertoson@dentons.com

More information

PRESENT: THE HONORABLE DAVID O. CARTER, JUDGE

PRESENT: THE HONORABLE DAVID O. CARTER, JUDGE Case 8:13-cv-01292-DOC-JCG Document 70 Filed 08/27/14 Page 1 of 7 Page ID #:1073 Title: JACOB PETERSEN V. TOWNSEND FARMS INC. ET AL. PRESENT: THE HONORABLE DAVID O. CARTER, JUDGE Julie Barrera Courtroom

More information

Pennsylvania Law on Advertising Injury

Pennsylvania Law on Advertising Injury Pennsylvania Law on Advertising Injury Summary of Cases Atlantic Mutual Insurance v. Brotech Corp., 857 F. Supp. 423 (E.D. Pa. 1994), aff'd, 60 F.3d 813, 1995 U.S. App. LEXIS 15297 (3d Cir. May 12, 1995)

More information

Enforcement of Health Information Privacy & Security Standards Federal Enforcement Through Recent Cases and Tools to Measure Regulatory Compliance

Enforcement of Health Information Privacy & Security Standards Federal Enforcement Through Recent Cases and Tools to Measure Regulatory Compliance Enforcement of Health Information Privacy & Security Standards Federal Enforcement Through Recent Cases and Tools to Measure Regulatory Compliance Iliana Peters, JD, LLM, HHS Office for Civil Rights Kevin

More information

Data Privacy: What your nonprofit needs to know. Donna Balaguer and Ed Lavergne Washington, D.C. February 5, 2015

Data Privacy: What your nonprofit needs to know. Donna Balaguer and Ed Lavergne Washington, D.C. February 5, 2015 Data Privacy: What your nonprofit needs to know Donna Balaguer and Ed Lavergne Washington, D.C. February 5, 2015 Overview 2 Data privacy versus data security Privacy polices and best practices Data security

More information

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF KANSAS

IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF KANSAS Case 5:13-cv-04137-JWL-JPO Document 16 Filed 02/04/14 Page 1 of 5 IN THE UNITED STATES DISTRICT COURT FOR THE DISTRICT OF KANSAS UNITED STATES OF AMERICA, for the use and benefit of LAWRENCE KEVIN WRIGHT,

More information

UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF TEXAS HOUSTON DIVISION CIVIL ACTION NO. 4:14-CV-2872 MEMORANDUM OPINION AND ORDER

UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF TEXAS HOUSTON DIVISION CIVIL ACTION NO. 4:14-CV-2872 MEMORANDUM OPINION AND ORDER UNITED STATES DISTRICT COURT SOUTHERN DISTRICT OF TEXAS HOUSTON DIVISION BEVERLY T PETERS, VS. Plaintiff, ST. JOSEPH SERVICES CORPORATION d/b/a ST. JOSEPH HEALTH SYSTEM, et al, Defendants. CIVIL ACTION

More information

Case: 1:11-cv-00375-DAP Doc #: 16 Filed: 05/10/11 1 of 5. PageID #: <pageid> UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF OHIO EASTERN DIVISION

Case: 1:11-cv-00375-DAP Doc #: 16 Filed: 05/10/11 1 of 5. PageID #: <pageid> UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF OHIO EASTERN DIVISION Case 111-cv-00375-DAP Doc # 16 Filed 05/10/11 1 of 5. PageID # 11cv0375a-ord(jurisdiction).wpd UNITED STATES DISTRICT COURT NORTHERN DISTRICT OF OHIO EASTERN DIVISION C.B. FLEET COMPANY, INC.,

More information

Managing Cyber & Privacy Risks

Managing Cyber & Privacy Risks Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past

More information

IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF PENNSYLVANIA. Memorandum and Order

IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF PENNSYLVANIA. Memorandum and Order IN THE UNITED STATES DISTRICT COURT FOR THE EASTERN DISTRICT OF PENNSYLVANIA CAROSELLA & FERRY, P.C., Plaintiff, v. TIG INSURANCE COMPANY, Defendant. CIVIL ACTION NO. 00-2344 Memorandum and Order YOHN,

More information

ENVIRONMENTAL, ENERGY AND MARITIME LAW March 2010

ENVIRONMENTAL, ENERGY AND MARITIME LAW March 2010 I suggest the following simple ten ways to avoid malpractice in litigation: ENVIRONMENTAL, ENERGY AND MARITIME LAW March 2010 IN THIS ISSUE R. Bruce Barze, Jr. and Alexia B. Borden provide an update on

More information

BDO: Vicarious Liability for Accounting Networks and Member Firms

BDO: Vicarious Liability for Accounting Networks and Member Firms BDO: Vicarious Liability for Accounting Networks and Member Firms Clare Canning (London) Stanley Parzen (Chicago) Andy Pincus (Washington DC) Mayer Brown is a global legal services organization comprising

More information