On November 16, 2023, the Federal Trade Commission released a proposed order in connection with a complaint filed in August of 2020 against Global Tel*Link Corp. and its subsidiaries, Telmate and TouchPay, which offers communication and payment services for incarcerated individuals.
Continue Reading In an FTC First, Proposed Order Requires Global Tel*Link Corp. to Notify Users and Facilities of Future Breaches
Security Breach
Australian Privacy Regulator Sues in Data Breach Case
Patrick Gunning from King & Wood Mallesons reports that, on November 2, 2023, the Australian Information Commissioner filed proceedings in the Federal Court of Australia against Australian Clinical Labs Limited seeking a civil penalty in connection with the company’s response to a data breach that occurred in February 2022.
Continue Reading Australian Privacy Regulator Sues in Data Breach Case
HHS Announces First HIPAA Settlement Agreement Involving Ransomware Attack
On October 31, 2023, the Department of Health and Human Services announced the issuance of a settlement agreement with Doctors’ Management Services, a Massachusetts-based medical management company, related to alleged violations of the Health Insurance Portability and Accountability Act’s Privacy and Security Rules. …
Continue Reading HHS Announces First HIPAA Settlement Agreement Involving Ransomware Attack
CNIL Fines Groupe Canal+ 600,000 Euros For Direct Marketing and GDPR Infringements
On October 12, 2023, the French Data Protection Authority announced a €600,000 fine for mass media company Groupe Canal+ for failing to comply with its commercial prospecting obligations applicable under the French Post and Electronic Communications Code and several obligations of the EU General Data Protection Regulation.
Continue Reading CNIL Fines Groupe Canal+ 600,000 Euros For Direct Marketing and GDPR Infringements
FTC Amends Safeguards Rule to Require Certain Financial Institutions to Report Data Security Breaches
On October 27, 2023, the Federal Trade Commission announced that it has approved an amendment to the Safeguards Rule that would require non-banking institutions to report certain data breaches to the FTC. …
Continue Reading FTC Amends Safeguards Rule to Require Certain Financial Institutions to Report Data Security Breaches
Blackbaud to Pay $49.5 Million in Data Breach Settlement
On October 5, 2023, Blackbaud Inc., a software provider for the philanthropy, healthcare, and education sectors, has resolved claims that the District of Columbia and 49 U.S. states raised.
Continue Reading Blackbaud to Pay $49.5 Million in Data Breach Settlement
Reducing Risks from Cyber Incidents with Cyber and D&O Insurance
Hunton recently published a client alert discussing the importance of cyber and directors and officers liability insurance for companies and their executives to guard against cyber-related exposures. This blog entry provides a link to download the client alert.
Continue Reading Reducing Risks from Cyber Incidents with Cyber and D&O Insurance
SEC Adopts Final Public Company Cybersecurity Disclosure Rules
On July 26, 2023, the U.S. Securities and Exchange Commission adopted long-anticipated disclosure rules for public companies by a 3-2 party-line vote. The final rules apply both to U.S. domestic public companies, as well as any offshore company that qualifies as a “foreign private issuer” under SEC rules due to a strong nexus to the U.S. capital markets. The new rules are effective as soon as December 18, 2023, and we provide further details in this blog post.
Continue Reading SEC Adopts Final Public Company Cybersecurity Disclosure Rules
FTC Proposes Amendments to Health Breach Notification Rule
n May 18, 2023, the Federal Trade Commission announced it is seeking comment to proposed changes to the Health Breach Notification Rule. …
Continue Reading FTC Proposes Amendments to Health Breach Notification Rule
FTC Brings Enforcement Action Against Pregnancy App for Sharing Sensitive Data
On May 17, 2023, the Federal Trade Commission issued a consumer alert regarding the Premom Ovulation Tracker app sharing of sensitive information with third parties without users’ permission.
Continue Reading FTC Brings Enforcement Action Against Pregnancy App for Sharing Sensitive Data