Privacy Compliance & Data Security

Information on Data Breach Prevention and the Appropriate Response

Fox Rothschild’s Minneapolis Privacy Summit on November 8 will explore key cybersecurity issues and compliance questions facing company decision-makers. This free event will feature an impressive array of panelists drawn from cybersecurity leaders in major industries, experienced regulatory and compliance professionals and the Chief Division Counsel of the Minneapolis Division of the FBI. Attendees receive complimentary breakfast and lunch, and can take advantage of networking opportunities and informative panel sessions: GDPR and the California Consumer…
The American Bar Association is holding its upcoming 2018 Business Law Section Annual Meeting at the Austin Convention Center in Austin, TX, from September 13 to 15. Fox partner Matt Kittay will moderate a panel entitled “Lawyer Ethical Issues in M&A Technology.” Featuring Haley Altman of Doxly, Steve Obenski of Kira Systems, and James Walker of Richards Kibbe & Orbe. The group will discuss ethical issues facing lawyers who use both emerging and…
Jeffrey L. Widman writes: In 2008, the Illinois legislature enacted the Illinois Biometric Privacy Act, 740 ILCS 14/1 et seq. (“BIPA”) to provide standards of conduct for private entities in connection with the collection and possession of “biometric identifiers and information.” BIPA regulates the collection, use, safeguarding, handling, storage, retention and destruction of such biometric identifiers. Biometric identifiers include retina and iris scans, fingerprints, voiceprints, and scans of hands and faces. It does not include…
Digital copiers pose many of the same cybersecurity risks associated with computers. This is so because they’re also computers. Data thieves know that office copiers run on “smart” technology with hard drives that store information about printed, copied and scanned documents – a potential trove of sensitive data.  What steps should businesses take to protect the data across a copier’s lifecycle?  The Federal Trade Commission provides guidance online in Digital Copier Data Security: A Guide
Facebook has failed to prevent its feud with an Austrian privacy activist over the legality of two widely used mechanisms for transferring data between the European Union and the U.S., from reaching the EU Court of Justice. In a May 2nd ruling, the Irish High Court sided with activist Max Schrems and the Irish Data Protection Commissioner, rejecting Facebook’s request to stay the court’s October 2017 referral of the case to the EU Court of…
Data-rich companies like Facebook have a unique opportunity to capitalize on the recent surge in regulatory scrutiny and turn it to their advantage. Savvy tech companies are attuned to public opinion and won’t allow others to control the narrative. They are already taking steps to regain the upper hand in the privacy debate. Facebook demonstrated this during Senate hearings on the Cambridge Analytica “data breach” by announcing it would upgrade privacy features and offer its…
In a daylong Privacy Summit at Citizens Bank Park in Philadelphia, the co-chairs of Fox Rothschild’s Privacy & Data Security practice group led a series of panel discussions with leading cybersecurity professionals and government officials. Fox partner Elizabeth Litten, who serves as Fox Rothschild’s HIPAA Privacy & Security Officer, and partner Mark McCreary, the firm’s Chief Privacy Officer, moderated a two-part panel series examining cyber risk management for protecting company data. The first…
In the fourth quarter of 2017, we spearheaded a sweeping, cross-industry survey of chief executives to gauge corporate cybersecurity preparedness. The results revealed important organizational issues. The survey showed C-suite corporate leaders know their companies’ data is at risk but are not taking adequate measures to protect that data. Awareness: More than half of C-level officers recognized their companies were at high or very high risk of a data breach. Three quarters said they had…
The European General Data Protection Regulation (GDPR) comes into force on May 25, 2018.  This gives companies only two months to prepare for and comply with the GDPR. Companies should be conducting data mapping to identify all cross-border transfers of personal data so that they can determine the best way to comply with the GDPR requirements. The GDPR has been, perhaps, the most widely talked about privacy regulation for the past year and a half…