Category

Information Security

19 November 2015

The Opportunities and the Challenges of Big Data for Business and Public Policy*

*Based on Remarks at the Big Data East Big Data Innovation Conference, September 9, 2015

I believe in the enormous potential of big data. Erik Brynolfsson and Andrew McAfee, authors of The New Machine Age and leading scholars of the digital economy, have compared the power and granularity of computational … Read More

EmailShare
17 November 2015

FCC Enforcement Bureau Issues First Privacy Enforcement Order Against a Cable Operator

On November 5, 2015, the Federal Communications Commission (“FCC” or “Commission”) issued its first ever privacy or data security enforcement order against a cable provider, Cox Communications, Inc. (“Cox”). The order adopted a consent decree entered into with the company, fining the company $595,000 for the breach. The order sets … Read More

EmailShare
09 November 2015

Senate Passes Cybersecurity Legislation, Differences to be Worked Out with House Bills

On October 27, 2015, the Senate passed S. 754, the Cybersecurity Information Sharing Act (“CISA”), with bi-partisan support. Although some raised privacy concerns, CISA received backing from the Administration and support from many industry participants. The Senate bill must be reconciled with similar bills in the House (H.R. 1560 … Read More

EmailShare
31 July 2015

NIST Releases New and Updated Information Security Guidance

In an effort to address growing concerns about security vulnerabilities in both the public and private sectors, the National Institute of Standards and Technology (NIST) has released a flurry of new and updated information security recommendations.  The latest recommendations address protections for sensitive data held by federal contractors, encryption standards, … Read More

EmailShare
02 July 2015

Connecticut Amends Breach Notification Law Regarding Timing and Credit Monitoring; Imposes New Data Security Requirements on Health Insurers and State Contractors

New legislation out of Hartford means that Connecticut joins Massachusetts in imposing strict state requirements for data protection.  S.B. 949. Additionally, the new law amends Connecticut’s data breach notification law, making Connecticut the first in the nation to affirmatively require entities that experience a reportable data breach to offer free … Read More

EmailShare
15 April 2015

Data Protection Legislative Hot Topic

Cyberthreat Sharing Bills Gain Momentum.  On March 12, the Senate Intelligence Committee approved the Cybersecurity Information Sharing Act of 2015 (“CISA”) to increase sharing of cybersecurity threat information by U.S. companies on a vote of 14-1. The legislation grants liability protections for companies that voluntarily share cybersecurity threat information with … Read More

EmailShare
01 November 2014

The Privacy, Data Protection and Cybersecurity Law Review

The first edition of The Privacy, Data Protection and Cybersecurity Law Review appears at a time of extraordinary policy change and practical challenge for this field of law and regulation. Several Sidley lawyers in the Privacy, Data Security and Information Law practice have contributed to this publication.

Editor’s Preface, … Read More

EmailShare
25 April 2014

OCR Levies Nearly $2 Million in HIPAA Fines for Stolen Unencrypted Laptops

On Tuesday, April 22, 2014, the U.S. Department of Health and Human Services Office for Civil Rights (“OCR”) announced that Concentra Health Services Inc. (“CHS”) and QCA Health Plan Inc. (“QCA”) have agreed to pay a total of $1,975,220, collectively, to resolve potential violations of the Health Insurance Portability and … Read More

EmailShare