On November 24, 2020, a multistate coalition of Attorneys General announced that The Home Depot, Inc. agreed to pay $17.5 million and implement a series of data security practices in response to a data breach the company experienced in 2014.
Continue Reading Home Depot Agrees to Pay $17.5 Million in Multistate Settlement Following 2014 Data Breach

On August 3, 2018, Ohio Ohio Governor John Kasich signed into law Senate Bill 220, which provides covered entities with an affirmative defense to tort claims, based on Ohio law or brought in an Ohio court, that alleges or relates to the failure to implement reasonable information security controls which resulted in a data breach.
Continue Reading Ohio Law Provides Safe Harbor from Tort Claims Related to Data Breaches

Privacy and data security issues have become the subject of critical focus in corporate mergers, acquisitions, divestitures and related transactions. Because of this heightened concern, it is imperative that companies conduct thorough due diligence about privacy and data security issues before entering into a transaction.
Continue Reading Securing a Successful Transaction through Focused Privacy and Data Security Due Diligence

Recently, Syed Ahmad, a partner with Hunton & Williams LLP’s insurance practice, and Eileen Garczynski, partner at insurance brokerage Ames & Gough, co-authored an article, Protecting Company Assets with Cyber Liability Insurance, in Mealey’s Data Privacy Law Report. This blog post contains a link to the full article.
Continue Reading Hunton Discusses Critical Cyber Coverage Selection Issues

On October 25, 2016, the Federal Trade Commission released a guide for businesses on how to handle and respond to data breaches. The 16-page guide details steps businesses should take once they become aware of a potential breach. The guide also underscores the need for cyber-specific insurance to help offset potentially significant response costs.
Continue Reading FTC Issues Guide for Businesses on Handling Data Breaches

On June 30, 2016, the U.S. Department of Health and Human Services’ Office for Civil Rights announced that it had settled potential HIPAA Security Rule violations with Catholic Health Care Services of the Archdiocese of Philadelphia. This is the first enforcement action OCR has taken against a business associate since the HIPAA Omnibus Rule was enacted in 2013.
Continue Reading OCR Enters into First Enforcement Action Against Business Associate

TCCWNA. The very acronym evokes head scratches and sighs of angst and frustration among many in the retail industry. The New Jersey Truth-in-Consumer Contract Warranty and Notice Act was passed in 1981 to protect consumers from allegedly deceptive practices in consumer contracts, warranties, notices and signs. Continue reading for an in-depth view of the TCCWNA and what retailers can do to minimize risk.
Continue Reading The New Wave of Consumer Class Actions Targeting Retailers: What is the TCCWNA?