David Krone

Firm/Organization: Reed Smith LLP

Blogs: FinTech Update, Life Sciences Legal Update, Technology Law Dispatch

Latest Articles

FDA revamps cybersecurity guidance for marketed medical devices

By Kevin Madagan, Mildred Segura, Gerard Stegmaier, Maryanne Woo, Wendell Bartnick, Christopher Butler & David Krone

November 7, 2018

The Food and Drug Administration (FDA) published a draft update to its premarket cybersecurity guidance for device makers on October 18, 2018. The expanded draft guidance includes recommendations on tiered classification of cybersecurity risk, trustworthiness, cybersecurity bill materials, and device cybersecurity labeling that are specific enough to be helpful to manufacturers while at the same time keeping the guidance sufficiently flexible to comply with an industry filled with advancing devices that pose greater and more…

Technology Law Dispatch

California pursues IoT data security regulations with new legislation

By Gerard Stegmaier, Wendell Bartnick & David Krone

October 25, 2018

California enacted Internet of Things (IoT) legislation intended to help protect consumer privacy and safety from potential hacking of connected devices. Under the state legislation that may apply to any connected devices sold in California, manufacturers of connected devices are required to equip the devices with security options suitable to the nature of the device and the information processed by the device. The objective of the legislation is to protect consumers, yet adapt to different…

Life Sciences Legal Update

FDA to implement OIG suggestions on IoT cybersecurity

By Mildred Segura, Kevin Madagan, Gerard Stegmaier, Maryanne Woo, Wendell Bartnick, Christopher Butler & David Krone

October 24, 2018

The Office of the Inspector General (OIG) published a report in September 2018 after a review of the Food and Drug Administration’s (FDA) policies, procedures, and guidance relating to cybersecurity reviews of networked medical1 devices. In its findings, covered in our recent client alert, the OIG determined that while the FDA has started to include cybersecurity concerns in its review process, the FDA should take steps to ensure their cybersecurity review is systematic and…

Technology Law Dispatch

FTC report looks to improve mobile device security for businesses

By Gerard Stegmaier, Mark H. Francis & David Krone

March 20, 2018

On February 28, 2018, the Federal Trade Commission (FTC) released a report about security update practices for businesses providing mobile phones and other connected devices. The report recommends that manufacturers and carriers provide security updates that are consistent with consumer expectations, provide better information regarding their security practices and educate consumers on their role in the update process. While the report is framed as offering recommendations, businesses should keep in mind that such reports often…

Technology Law Dispatch

DHS and DOC Report on Botnets and IoT Security Recommends Increased Collaboration between Stakeholders in Private Industry and Government

By David Krone

January 19, 2018

On Jan. 5, 2018, the Department of Homeland Security (DHS) and the Department of Commerce (DOC) released their joint draft report on “Enhancing the Resilience of the Internet and Communications Ecosystem against Botnets and Other Automated, Distributed Threats” for public comment. The report provides a series of recommendations for addressing the threats presented by botnets as well as improving security for Internet-connected devices or the Internet of Things (IoT). Chief among these was a call…

Technology Law Dispatch

Delaware Amends Data Breach Notification Law to Require Reasonable Data Security and Expand the Scope of Personal Information Requiring Notice

By David Krone

August 28, 2017

On August 17, 2017, Delaware Governor John Carney signed into law House Substitute 1 for House Bill 180, making the first significant amendment to Delaware’s data breach notification law since 2005. The bill, scheduled to go into effect April 14, 2018, requires private organizations to maintain reasonable security policies and procedures; expands the definition of “personal information” to include medical information, biometric identifiers, and electronic signatures; and adds additional breach notification and credit monitoring…

Technology Law Dispatch

President Trump Signs Executive Order on Cybersecurity Focusing on Critical Infrastructure, Federal Networks and Public Cybersecurity Policy

By David Krone

May 17, 2017

On Monday, May 11, 2017, President Donald Trump signed an Executive Order on “Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.” The Executive Order comes after Trump had postponed signing a similar executive order on cybersecurity on Feb. 1, and another draft executive order had been circulated Feb. 10. The final Executive Order aligns with the preceding Executive Order 13636, “Improving Critical Infrastructure Security,” signed by the Obama administration on Feb.…

Technology Law Dispatch

NIST Publishes Introduction to Privacy Engineering and Risk Management to Assist Agencies and Organizations in Designing Privacy-Compliant Systems

By David Krone

January 11, 2017

On January 4, 2017, the National Institute of Standards and Technology (“NIST”) published the final version of NIST IR 8062 “An Introduction to Privacy Engineering and Risk management in Federal Systems.” The report introduces the concept of applying systems engineering practices to privacy and provides a new model for conducting privacy risk assessments on systems. In the blog post accompanying the release, NIST notes that the report is intended to address the absence…

FinTech Update

SEC Forum on FinTech Innovation Discusses Leveraging the Blockchain to Enhance Transparency, Verifiability and Governance in Corporate Processes

By Kari Larsen, David Krone & Anthony J. Ford

November 23, 2016

In a panel at the Securities and Exchange Commission’s recent forum on Innovation in FinTech, experts discussed blockchain’s potential role in corporate processes such as by providing an unalterable history of transactions, by tracking products and documents throughout their lifecycles, and by dividing the risks and costs of maintaining an authoritative system of record among multiple parties. While the blockchain presents some implementation challenges and technical limitations, it provides opportunities for cost-savings and efficiencies for…

Technology Law Dispatch

Leveraging the Blockchain to Provide an Unalterable, Distributed Ledger for Transactions, Supply Chains and Other Corporate Processes

By Kari Larsen, David Krone & Anthony J. Ford

November 23, 2016

On Monday, November 14, 2016, the Securities and Exchange Commission (SEC) hosted a forum to discuss financial technology (FinTech) innovation in the financial services industry. The summit discussed several topics, but the second panel, titled “Impact of Recent Innovation on Trading, Settlement, and Clearance Activities,” specifically addressed blockchain-enabled distributed ledger technology and its applicability in corporate environments. The panel provided an opportunity for the SEC to highlight blockchain’s potential for assisting companies in meeting compliance…

David Krone

FDA revamps cybersecurity guidance for marketed medical devices

California pursues IoT data security regulations with new legislation

FDA to implement OIG suggestions on IoT cybersecurity

FTC report looks to improve mobile device security for businesses

DHS and DOC Report on Botnets and IoT Security Recommends Increased Collaboration between Stakeholders in Private Industry and Government

Delaware Amends Data Breach Notification Law to Require Reasonable Data Security and Expand the Scope of Personal Information Requiring Notice

President Trump Signs Executive Order on Cybersecurity Focusing on Critical Infrastructure, Federal Networks and Public Cybersecurity Policy

NIST Publishes Introduction to Privacy Engineering and Risk Management to Assist Agencies and Organizations in Designing Privacy-Compliant Systems

SEC Forum on FinTech Innovation Discusses Leveraging the Blockchain to Enhance Transparency, Verifiability and Governance in Corporate Processes

Leveraging the Blockchain to Provide an Unalterable, Distributed Ledger for Transactions, Supply Chains and Other Corporate Processes

Stay Connected

Company

Support

New to the Network