Sep 142015

PLI Issues Cybersecurity Treatise

Edward R. McNicholas and Vivek K. Mohan
, , , ,

The Practising Legal Institute has published “Cybersecurity: A Practical Guide to the Law of Cyber Risk,”  a treatise edited by Ed McNicholas and Vivek Mohan of Sidley Austin LLP.   This “Sidley on Cybersecurity” treatise sets out in a clear and readable manner the complex legal framework for cybersecurity in the United States.  We hope that it will be a practical legal guide for in-house attorneys, IT leaders, senior executives, and corporate directors concerned about cybersecurity risk.

In addition to contributions from several Sidley lawyers, including health information privacy and security practice leader Anna Spencer and white collar practice leader Karen Popp, chapters are authored by other leading cybersecurity professionals including guidance on forensics from Tom Hibarger of Stroz Friedberg LLP, cyber risk management from Bill Hardin, cyber insurance from Robert Jones at AIG and Robert Yellen at Willis, Professor Paul Rosenzweig, as well as important guidance from the U.S. Secret Service on corporate-government engagement to address cyber risk.

The treatise is intended to provide a clear, usable resource to attorneys and non-attorneys alike as organizations seek to address rapidly evolving cyber risks.  In addition to surveying the legal landscape, the treatise includes practice tools, checklists, an overview of the legal consequences of a breach, and a tabletop exercise.

Edward R. McNicholas

emcnicholas@sidley.com

Vivek K. Mohan

vmohan@sidley.com

You might also like
FCC Proposes Updated Data Breach Reporting Requirements, Comment Period Ongoing

On January 6, 2023, the Federal Communications Commission (the Commission) released a unanimously adopted Notice of Proposed Rulemaking, “In the Matter of Data Breach Reporting Requirements” (Proposed Rule).  The Commission sought comments through February 22, 2023 on the Proposed Rule which will update its current data breach reporting rule. Reply comments are due on or before March 24, 2023.

New FTC Guidance for Mobile Health Apps

Healthcare providers, health plans, and technology companies that use mobile health apps to access, collect, share, use, or maintain information related to an individual’s health should take note of the recently issued Federal Trade Commission (FTC) Mobile Health App Interactive Tool. The purpose of the tool is to help mobile health developers determine the federal regulatory, privacy, and security laws and regulations that may apply to the use of a consumer’s health information, such as information related to diagnosis, treatment, fitness, wellness, or addiction. While the tool should not be considered legal advice and cannot guarantee compliance with legal requirements, it can help healthcare providers, health plans, and technology companies issue-spot to manage risk in this heavily regulated space.

It Is Now More Difficult For International Pharma To Transfer Data Out Of China

China’s new Measures for the Security Assessment of Outbound Data Transfers (the “Measures”) came into force on September 1, 2022. Pharma companies now have until February 28 to work out whether their activities mean they are affected, and to apply for the new type of data security assessment if they need it.