-
The Risk in Conducting Your Risk Assessment
Few things have upended the world of cybersecurity regulation in the United States recently more than the new cybersecurity regulations issued by the New York State Department of Financial Services (“DFS”) in March of this year. Found in 23 N.Y
-
Final Paid Family Leave Rules Issued in New York
With less than six months until the roll out of Paid Family Leave (PFL) in New York, the Workers Compensation Board (WCB) has released the final rules implementing the PFL Benefits Law.
-
Paid Family Leave Employee Contribution Rate for 2018 Published
The Department of Financial Services (DFS) has issued a much-anticipated document setting the maximum employee contribution to pay for New York Paid Family Leave (PFL) at 0.126% of an employee’s weekly wage, up to the statewide average weekly wage.&n
-
Workers Compensation Board Issues Proposed New York Paid Family Leave Rules, Take Two
Back in February, proposed regulations for New York’s Paid Family Leave Benefits Law were issued by the Workers Compensation Board (WCB). Today, the WCB released a revised set of proposed regulations containing some minor and a few substantial change
-
In the News: Financial institutions learn about new cybersecurity regulations.
"When this hits a health care provider or other folks who are on the first line of defense where people's health and safety are concerned, you can certainly understand that decision, but at the end of the day, you have no assurance that the very same
-
The Dangers of Regulatory Creep - Do New York DFS Cybersecurity Regulations Apply to Federally Chartered Financial Institutions?
In February 2017, the New York State Department of Financial Services (“DFS”) finalized a new set of cybersecurity regulations that governs New York’s banking, insurance, and financial services industries. Entities in those industries are required to
-
ISP Privacy Rule Update: Federal Government Out, State Governments In
The Federal Communications Commission (“FCC”) adopted rules in 2016 that restricted Internet Service Providers (“ISPs”), such as Verizon, AT&T, and Comcast, from sharing sensitive data, including browsing history and location data, without consum
-
Yahoo breaches impact on Verizon deal reminds us that cybersecurity is a board concern
Even in today’s day and age, data security issues are sometimes (much too often, in fact) shuffled aside by C-suite executives who are stuck believing that network security is a concern for the IT department, not those who run the company on a day-to
-
What does NY DFS 23 N.Y.C.R.R. Part 500 really mean to your organization?
Join us May 16, 2017 at our Pathway to Compliance event to get insights into the challenges organizations face in complying with the demanding new requirements.
-
And Then There Were Two: Closing the Gap on State-Level Data Breach Notification Requirements
Last Thursday, Governor Martinez of New Mexico signed into law the 48th state-level data breach notification law, bringing the requirements for notifying individuals affected by data breaches to this state.
In our last post, we discussed the evolving standing landscape in class actions. That discussion highlighted the Third Circuit Court of Appeals’ recent decision in Horizon Healthcare, where the Court held that even without hard evidence that any of the plaintiffs’ personal information was used improperly, the alleged disclosure of information was enough to create a “de facto injury” sufficient to confer standing.
Employers have had nearly a year to consider New York’s Paid Family Leave Benefits Law. With the recent release of proposed Paid Family Leave (PFL) rules by the Workers’ Compensation Board (WCB), employers finally have something new to consider as they make plans to offer the required PFL benefits starting January 1, 2018.
In previous posts, we’ve highlighted the FTC’s broad regulation of the use, storage and protection of consumer data under Section 5(a) of the FTC Act and discussed how the FTC relies upon its authority under the Act to flex its muscles in the cybersecurity realm. The FTC’s touchstone for data protection is “reasonableness” and for guidance as to its expectations as to what is deemed reasonable, the FTC has pointed businesses to its speeches, congressional testimony, articles, blog entries, Commission materials and published settlements. It is for this reason that a blog post published last week on the FTC’s website regarding what to do if businesses are impersonated as part of a phishing scam is so interesting.
Join us March 22, 2017 for a live webinar with F. Paul Greene, partner and chair of our Privacy and Data Security practice group and Reg Harnish, CEO of GreyCastle Security, to learn about the final set of DFS’s Cybersecurity Rules, which have been in force as of March 1, 2017.
In a recent decision, the Third Circuit Court of Appeals reversed the lower court’s ruling on a motion to dismiss and held that class action plaintiffs had Article III standing on the basis of their data security Fair Credit Reporting Act (FCRA) claims.