With the thicket of 47 often conflicting state data breach notification laws and the the Federal Trade Commission’s independent efforts to regulate cyber security (which is a hot topic, but one that is outside the scope of this post), businesses of all sizes and in all industries are looking for a cyber security standard that can be adopted as a best practice.
New Suit by Delta Reminds Everyone About the Importance of Data Security Protection in the Context of Third-Party Service Provider Relationships
On February 6, HSE Privacy and Data Security Practice Group Head F. Paul Greene presented on Greater Rochester Enterprise’s “Eyes on the Future” program. Paul, joined by Brian Hedges of Mengel Metzger Barr and Mike McCartney of Digits LLC, discussed why it is crucial for all companies, regardless of size, to take steps to protect their data. Paul also stressed pre-breach planning as key to mitigating risk when systems are compromised.
The Federal Trade Commission (“FTC”) recently issued a report, entitled, Big Data: A Tool for Inclusion or Exclusion? Understanding the Issues (the “Report”), which is intended to guide companies involved in the commercial use of big data consisting of consumer information.
With different and sometimes conflicting state data breach notification statutes, it was nearly inevitable that 2016 would see changes to the notification rules. Below is a quick summary of some of the bigger changes those who deal with Personally Identifiable Information: