In April 2019, the UK Department for Digital, Culture, Media and Sport announced in its Online Harms White Paper proposals for a new regulatory framework to make companies more responsible for users’ online safety.
Continue Reading
Cybersecurity
EU Parliament Approves the Proposal for Cybersecurity Act
Posted on
On March 12, 2019, the European Parliament approved the proposal for “Regulation of the European Parliament and of the Council on ENISA,” repealing Regulation (EU) No 526/2013 and an information and communications technology cybersecurity certification.…
Continue Reading
Ten Years Strong: A Decade of Privacy and Cybersecurity Insights
Posted on
Hunton Andrews Kurth celebrates the 10-year anniversary of our award-winning Privacy and Information Security Law Blog. Download a copy of “Ten Years Strong: A Decade of Privacy and Cybersecurity Insights.”…
Continue Reading
Reported Cyber Attacks on U.S. Electric Utilities and Government Agencies
Posted on
Posted in Cybersecurity, Information Security
Hundreds of contractors and subcontractors with connections to U.S. electric utilities and government agencies have been hacked according to a recent report by the Wall Street Journal.…
Continue Reading
HHS Publishes Health Industry Cybersecurity Practices
Posted on
The U.S. Department of Health and Human Services recently published “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients,” which was developed by the Healthcare & Public Health Sector Coordinating Councils Public Private Partnership, a group comprised of over 150 cybersecurity and healthcare experts from government and private industry.…
Continue Reading
Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina
Posted on
New cybersecurity rules for insurance companies licensed in South Carolina are set to take effect in part on January 1, 2019. This blog entry provides details on the new law. …
Continue Reading
Agreement on Proposal for Cybersecurity Act
Posted on
Posted in Cybersecurity, European Union
The European Commission, the European Parliament have reached a proposed agreement with the Council of the European Union regarding changes to the EU’s Cybersecurity Act.…
Continue Reading
Supreme Court of Pennsylvania Ruling on Common Law Duty to Protect Electronic Employee Data
Posted on
Posted in Cybersecurity, Security Breach
On November 21, 2018, the Supreme Court of Pennsylvania found that a putative class action against UPMC by current and former employees should not have been dismissed. Employers have common law duty to use reasonable care to safeguard its employees’ sensitive personal information that it stores on Internet-accessible computer systems, and Pennsylvania’s economic loss doctrine did not bar the plaintiffs’ negligence claim.…
Continue Reading
BayLDA Publishes Review on Audits
Posted on
Posted in Cybersecurity, European Union
On November 7, 2018, the Data Protection Authority of Bavaria for the Private Sector issued a press release on the audits it has carried out in Bavaria since the entry into application of the EU General Data Protection Regulation.…
Continue Reading
New Ohio Law Creates Safe Harbor for Certain Breach-Related Claims
Posted on
Posted in Cybersecurity, U.S. State Law
Effective November 2, 2018, a new Ohio breach law will provide covered entities a legal safe harbor in certain data breach-related claims brought in an Ohio court or under Ohio law if, at the time of the breach, the entity maintains and complies with a cybersecurity program that (1) contains administrative, technical, and physical safeguards for the protection of personal information, and (2) reasonably conforms to one of the “industry-recognized” cybersecurity frameworks enumerated in the law.…
Continue Reading