“Not so fast!” cried privacy advocates and parents when California federal judge Kimberly Mueller ordered the release of a huge database of personally identifiable student information to a group of plaintiffs’ lawyers.
Morgan Hill Concerned Parents v. California Department of Education is a lawsuit filed in 2011 that alleges that California schools have failed to
Latest from Password Protected - Page 16
SEC Expands Cybersecurity Compliance Requirements For 2016
On January 11, 2016, the Securities and Exchange Commission announced the 2016 examination priorities list. For the third year in a row, cybersecurity is a top concern, especially with regard to internal security program assessment and evaluation. This year the Office of Compliance Inspections and Examinations (OCIE) will focus on cybersecurity protocols implemented by financial
Health Provisions in the Omnibus Appropriations: Cybersecurity in the Healthcare Industry
The omnibus appropriations legislation that Congress passed last week contained a variety of health-related provisions. These provisions include rescinding funding for the Independent Payment Advisory Board (IPAB), deficit-neutral language related to risk corridor payments and cybersecurity.
Within a title dealing with cybersecurity issues, including within the federal government, section 405 requires the Department of Health
Vizio and Google Data Privacy Class Actions Illustrate Risks of Data Collection – And Defensive Value of Robust Disclosures
Two recent developments in data privacy litigation highlight the continuing challenges to companies that collect internet usage information without clearly disclosing the manner and method in which they are doing so to users. As these events demonstrate, plaintiffs’ attorneys are aggressively bringing actions against companies that collect user data, including through the invocation of California’s
EU and U.S. Reach “Umbrella Agreement” on Data Transfers
The EU and U.S. reached an agreement on Tuesday (9 September) which will enable the two sides to exchange personal data during criminal and terrorism investigations.
The so-called “Umbrella Agreement” comes after four years of negotiations between the EU and U.S. and will protect personal data exchanged between police and judicial authorities in the course
FFIEC Assessment Helps Financial Institutions Prevent Cyber Attacks
The Federal Financial Institutions Examination Council (FFIEC) recently issued an assessment tool meant to assist financial institutions in the detection of cybersecurity vulnerabilities and the prevention of cyber attacks.
The FFIEC is an interagency body that develops the principles and standards used by agencies and organizations empowered to examine financial institutions, such as the Consumer Financial
Facebook Takes a First Step Toward Mass Adoption of Encryption
This week, the social networking service Facebook quietly announced that it will begin making PGP encryption available for communications from Facebook to its users. While this step, in itself, is a small one not likely to directly impact many individuals, if it signals a resurgence in development of public key cryptography for use by the
How Does Your Firm Compare? Results from the SEC’s Cybersecurity Examinations
On Feb. 3, 2015, the Securities and Exchange Commission (SEC) published a Risk Alert summarizing observations gleaned from a cybersecurity examination sweep of 57 registered broker-dealers (BDs) and 49 registered investment advisers (IAs). The examination sweep followed an April 2014 announcement that the SEC’s Office of Compliance Inspections and Examinations (OCIE) 2014 Examination Priorities included