-
Paid Family Leave Employee Contribution Rate for 2018 Published
The Department of Financial Services (DFS) has issued a much-anticipated document setting the maximum employee contribution to pay for New York Paid Family Leave (PFL) at 0.126% of an employee’s weekly wage, up to the statewide average weekly wage.&n
-
Workers Compensation Board Issues Proposed New York Paid Family Leave Rules, Take Two
Back in February, proposed regulations for New York’s Paid Family Leave Benefits Law were issued by the Workers Compensation Board (WCB). Today, the WCB released a revised set of proposed regulations containing some minor and a few substantial change
-
In the News: Financial institutions learn about new cybersecurity regulations.
"When this hits a health care provider or other folks who are on the first line of defense where people's health and safety are concerned, you can certainly understand that decision, but at the end of the day, you have no assurance that the very same
-
The Dangers of Regulatory Creep - Do New York DFS Cybersecurity Regulations Apply to Federally Chartered Financial Institutions?
In February 2017, the New York State Department of Financial Services (“DFS”) finalized a new set of cybersecurity regulations that governs New York’s banking, insurance, and financial services industries. Entities in those industries are required to
-
ISP Privacy Rule Update: Federal Government Out, State Governments In
The Federal Communications Commission (“FCC”) adopted rules in 2016 that restricted Internet Service Providers (“ISPs”), such as Verizon, AT&T, and Comcast, from sharing sensitive data, including browsing history and location data, without consum
-
Yahoo breaches impact on Verizon deal reminds us that cybersecurity is a board concern
Even in today’s day and age, data security issues are sometimes (much too often, in fact) shuffled aside by C-suite executives who are stuck believing that network security is a concern for the IT department, not those who run the company on a day-to
-
What does NY DFS 23 N.Y.C.R.R. Part 500 really mean to your organization?
Join us May 16, 2017 at our Pathway to Compliance event to get insights into the challenges organizations face in complying with the demanding new requirements.
-
And Then There Were Two: Closing the Gap on State-Level Data Breach Notification Requirements
Last Thursday, Governor Martinez of New Mexico signed into law the 48th state-level data breach notification law, bringing the requirements for notifying individuals affected by data breaches to this state.
-
Courts Split on Standing Implications of Credit Monitoring
In our last post, we discussed the evolving standing landscape in class actions. That discussion highlighted the Third Circuit Court of Appeals’ recent decision in Horizon Healthcare, where the Court held that even without hard evidence that any of t
-
Recent FCRA Data Breach Class Action Decision: Statutory violations may be enough to establish Article III standing
In a recent decision, the Third Circuit Court of Appeals reversed the lower court’s ruling on a motion to dismiss and held that class action plaintiffs had Article III standing on the basis of their data security Fair Credit Reporting Act (FCRA) clai
Last Friday, Federal Communications Commission (FCC) Chairman Ajit Pai announced his intent to block a controversial new privacy rule that was adopted under the Obama administration and intended to protect consumer information from disclosure by broadband Internet providers.
On January 12, 2017, the Securities and Exchange Commission (SEC) announced this year’s priorities and areas of focus of its Office of Compliance Inspections and Examinations (OCIE). The OCIE conducts the SEC’s National Examination Program and promotes compliance with federal securities laws.
Yesterday, the New York State Department of Financial Services released the final version of its new cybersecurity regulations, to be promulgated at 23 N.Y.C.R.R. Part 500, making some incremental changes against its last version, released on December 28, 2016.
On January 25, 2017, in Brown Jordan Int’l, Inc. v. Carmicle (No. 16-11350), the U.S. Court of Appeals for the Eleventh Circuit held that expenses incurred by an employer while responding to the unauthorized access of company email accounts by a former employee, even absent an interruption of service, qualify as a “loss” under the federal Computer Fraud and Abuse Act (CFAA). In doing so, the Eleventh Circuit broadly interpreted the CFAA, which permits civil actions only under specific circumstances, including instances when an individual “intentionally accesses a computer without authorization or exceeds authorized access, and thereby obtains … information from any protected computer” resulting in a “loss” during any 1-year period of at least $5,000.
Just days after the IRS released its recent alert concerning W-2 phishing scams (which can be found here), the College of Southern Idaho (“CSI”) reported that it too has become a victim.