Quarles & Brady LLP

On September 28, 2018 California Governor Jerry Brown signed into law the first law in the United States governing the security of connected devices, set to take effect on January 1, 2020. The law places a burden on manufacturers of so-called “connected devices” to determine if changes to their security measures are required. The law applies to a broad range of “connected devices” and necessitates “reasonable” security. Quarles & Brady is working with manufacturers to…
Just when you thought you’d heard enough of newly enacted data privacy and security laws (“GDPR” ring a bell?), there’s more news on that front. The California legislature recently passed The California Consumer Privacy Act of 2018 (CCPA). According to a report by the International Association of Privacy Professionals, CCPA will affect over 500,000 U.S. businesses. And that’s a conservative estimate. Undoubtedly, CCPA’s enactment was influenced by the EU’s General Data Protection Regulation (GDPR) and…
What sort of damages must be pleaded to survive a motion to dismiss in a data breach class action? Recently, the Court of Appeals for the Seventh Circuit in Dieffenbach v. Barnes & Noble answered that question. In short, the court held that at the pleadings stage, damages may be just a “trifle.” The case arose when Barnes & Noble experienced a data breach that resulted from the compromise of its point of sale system…
Today, May 25, 2018, is a historic day in the global data privacy and security world as it is the effective day of the European Union’s (EU) General Data Protection Regulation (GDPR), a regulation designed to protect the “personal data” of EU residents by mandating standards for processing, using, and storing that data. Many organizations do not realize the full magnitude of what the GDPR requires, and non-compliance can cost organizations dearly. However, we are…
On April 30, 2018 a Massachusetts physician was convicted by a federal jury for violating the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and obstructing a criminal health care investigation after impermissibly disclosing protected health information and lying to federal agents during a criminal health care investigation.…
We have already provided you with the update on Health Information Technology, Privacy and Security 2018 First Quarter Update but we did not want the non-health care entities to feel left out! As such, we have assembled a few other noteworthy events in the data privacy and security world from the first quarter of 2018.…
Is it April already? Where has the time gone? We have all heard about Facebook’s woes, but you have been so busy, you have probably missed a few of the other recent developments in health IT and data privacy and security. We have you covered with a roundup of some of the significant and interesting guidance and events from the first quarter of 2018.…
On March 28, 2018, exactly one week after South Dakota enacted a data breach notification law, and a little over sixteen years since California became the first state to pass a data breach law, Alabama became the fiftieth and final state to pass a data breach notification law. Until recently, Alabama and South Dakota were the only states that did not have data breach notification laws. Under Senate Bill 318, any person or…
On March 21, 2018, South Dakota became the forty-ninth state to enact a data breach notification law when Senate Bill 62 was signed by the governor. South Dakota’s breach notification law is effective July 1, 2018. In 2002, California became the first state to enact a data breach law, and since then, nearly every state has followed suit. Up until this point, the lone stragglers were South Dakota and Alabama (more on Alabama below).…
Quarles & Brady’s Labor & Employment Practice recently presented a webinar on, “Developments at the National Labor Relations Board and Their Impact on Employers and Franchisors.”  Judi Williams-Killackey, Chris Nickels and Steve Kruzel reviewed the recent General Counsel memo and recent decisions from the NLRB, including those relating to its joint employer standard, workplace policies and employee handbook rules, micro-unit bargaining rules, and an employer’s ability to implement unilateral changes. Unable to attend? Click…