MenuClose

Sep 03

In the Wake of Wyndham’s Alleged Mistakes, Businesses Should Review Cybersecurity Policies

This post was co-authored by Michael B. Hayes, a partner in Montgomery McCracken’s Litigation Department.  He serves an editor of the firm’s Data Privacy Alert blog, which focuses on data privacy and cybersecurity issues. Michael can be reached at 215.772.7211 or at mhayes@mmwr.com. The old… Read More

Aug 21

National Cybersecurity Center of Excellence releases its first cybersecurity practice guide: “Securing Electronic Health Records on Mobile Devices.”

As we discussed during a recent webinar, Cybersecurity: A Mid-Year Legal Review, damaging health care data breaches are being reported with increasing frequency. Earlier this year, the FBI issued a private notice to the healthcare industry warning providers that their cybersecurity systems are lax compared… Read More

Jul 30

Burying The Lead: Company Insiders Responsible For Most Data Breaches, Not Hackers

This post was co-authored by Christine M. Prokopick, an associate in Montgomery McCracken’s Litigation Department. She serves an editor of the firm’s White Collar Alert blog, which focuses on white collar crime and government investigations. Christine can be reached at 215.772.7233 or at cprokopick@mmwr.com. Nearly every… Read More

Jul 20

Is there a “Constitutional Right to Informational Privacy”?

Only July 8, 2015, the National Treasury Employees Union filed the second class action against (now former) OPM Director Archuleta stemming from the massive OPM data breach.  While the plaintiffs in the first OPM data breach lawsuit, briefly discussed here, alleged violations of the Privacy… Read More

Jul 08

Glass Houses: Comparing the FTC’s data security “guidance” against the OPM’s reported data security failures

On June 30th, the Federal Trade Commission issued data security “guidance” for business as part of its “Start with Security” initiative. According to the FTC, its new guidance is drawn from “lessons learned from the more than 50 law enforcement actions the FTC has announced… Read More

Jul 01

FTC announces data security initiative with new guidance for businesses

On June 30, 2015, the Federal Trade Commission announced a new initiative called “Start with Security,” which includes new guidance for businesses that draws on the lessons learned in the more than 50 data security cases brought by the FTC over the years. The new… Read More

Jun 24

It’s Inevitable: Is Your Organization Ready to Respond to a Data Breach?

Confidential business and consumer information is one of the most valuable assets to any organization. Liability concerns over the privacy and security of employee and customer information is paramount, as evidenced by the daily headlines of data breaches and thefts. Almost every business segment –… Read More

Jun 04

Allegheny County Judge Rules that Pennsylvania Does Not Recognize Negligence Claims in Data Breach Actions

A Pittsburgh-area judge recently ruled that Pennsylvania does not recognize negligence claims in data breach lawsuits. Dittman v. UPMC, No. GD-14-003285 (Pa. Ct. Com. Pl., Allegheny Cnty., May 28, 2015). The case centers on a data breach in 2014 involving the University of Pittsburgh Medical… Read More

Mar 20

When Does a Hack Become a Compensable Harm in Federal Court?

No business wants to be the victim of a data breach, but to hear former Director of National Intelligence Mike McConnell tell it, every major corporation in America already has (whether they realize it or not). The discovery of a potential breach should set off… Read More

Oct 20

Of Dropbox and Data Breaches: Highlighting the need for increased cyber-security at home and in the workplace

Reports of massive data breaches at trusted American retail businesses, banks, credit card companies and even governmental agencies have unfortunately become routine. So much so, in fact, that many of us have become desensitized to the serious personal privacy, identity protection and financial risks involved.… Read More