Archives: Information Security

Subscribe to Information Security RSS Feed

Lisa Sotto Invited to Speak at Privacy Shield’s First Annual Joint Review

On September 18, 2017, the European Commission and U.S. Department of Commerce kicked off their first annual joint review of the EU-U.S. Privacy Shield. To aid in the review, the Department invited a few industry leaders, including Hunton & Williams' partner Lisa Sotto to speak about their experiences during the first year of the Privacy Shield.… Continue Reading

OCR Releases Guidance on HIPAA Compliance During Emergencies

On September 7, 2017, the U.S. Department of Health and Human Services’ Office for Civil Rights issued an announcement containing disaster preparedness and recovery guidance in advance of Hurricane Irma. The announcement underscores key privacy and security issues for entities covered by HIPAA to help them protect individuals’ health information before, during and after emergency situations.… Continue Reading

FTC Posts Seventh Blog in Its “Stick with Security” Series

On September 1, 2017, the FTC published the seventh blog post in its “Stick with Security” series. This week’s post, entitled Stick with Security: Secure remote access to your network, outlines important security measures businesses should take to ensure that outside entryways to their systems are sensibly defended.… Continue Reading

FTC Posts Sixth Blog in Its “Stick with Security” Series

On August 25, 2017, the FTC published the sixth blog post in its “Stick with Security” series. This week’s post, entitled Stick with Security: Segment your network and monitor who’s trying to get in and out, illustrates the benefits of segmenting networks and monitoring the size and frequency of data transfers.… Continue Reading

NIAC Issues Recommendations to Improve Critical Infrastructure Cybersecurity

On August 22, 2017, the National Infrastructure Advisory Council issued a report entitled Securing Cyber Assets: Addressing Urgent Cyber Threats to Critical Infrastructure. The NIAC Report notes that sophisticated and readily available malicious cyber tools and exploits have lowered the barrier to cost and increased the potential for successful cyber attacks. … Continue Reading

Delaware Amends Data Breach Notification Law

On August 17, 2017, as reported in BNA Privacy Law Watch, Delaware amended its data breach notification law, effective April 14, 2018. The amendments include expansion of the definition of personal information, timing of notification, changes to the harm threshold and credit monitoring service changes. … Continue Reading

Uber Settles FTC Data Privacy and Security Allegations

On August 15, 2017, the FTC announced that it had reached a settlement with Uber, Inc., over allegations that the ride-sharing company had made deceptive data privacy and security representations to its consumers. Under the terms of the settlement, Uber has agreed to implement a comprehensive privacy program and to undergo regular, independent privacy audits for the next 20 years.… Continue Reading

Hunton Privacy Team Publishes Several Chapters in International Comparative Legal Guide to Data Protection

Hunton & Williams' Global Privacy and Cybersecurity lawyers prepared several chapters in the recently released The International Comparative Legal Guide to: Data Protection 2017, including the opening chapter on “All Change for Data Protection: The European Data Protection Regulation." This blog entry provides a link to access the relevant chapters.… Continue Reading

Colombia Designates U.S. as “Adequate” Data Transfer Nation

On August 14, 2017, the Colombian Superintendence of Industry and Commerce announced that it was adding the United States to its list of nations that provide an adequate level of protection for the transfer of personal information. This development should help facilitate the transfer of personal information from Colombia to the United States.… Continue Reading

FTC Posts Third Blog in Its “Stick with Security” Series

On August 4, 2017, the FTC published the third blog post in its Stick with Security series. This week’s post, entitled "Stick with security: Control access to data sensibly," details key security measures businesses can take to limit unauthorized access to data in their possession.… Continue Reading

Privacy and Data Security Risks in M&A Transactions: Video Series

In a video roundtable series, Hunton & Williams LLP partners Lisa J. Sotto and Steven M. Haas and special counsel Allen C. Goolsby, along with Stroz Friedberg’s co-president Eric M. Friedberg and Lee Pacchia of Mimesis Law, discuss the special consideration that should be given to privacy and cybersecurity risks in corporate transactions. This blog post contains links to the first two segments of the videos. … Continue Reading

FTC Posts Second Blog in Its “Stick with Security” Series

On July 28, 2017, the FTC published the second blog post in its "Stick with Security" series. This week’s post, entitled "Start with security – and stick with it," looks at key security principles that apply to all businesses regardless of their size or the types of data they handle. The guidance offers five steps companies can take to ensure the security of the data they hold.… Continue Reading
LexBlog