Data Security Law Journal Focusing on legal trends in data security, cloud computing, data privacy, and anything E

Monthly Archives: September 2012

Congress asks the Fortune 500: “Where’s your cybersecurity plan?”

Posted in Data Security

On September 19th, U.S. Senator John Rockefeller, writing on behalf of the Senate’s Committee on Commerce, Science, and Transportation, sent a letter to the Fortune 500 Chief Executive Officers seeking information about their cybersecurity policies and their positions on certain cybersecurity issues.  (Read the Committee’s press release here). The letter is a result of the Senate’s… Continue Reading

Private Lawsuits Arising From Data Breaches – The Eleventh Circuit Weighs In

Posted in Data Breach, Data Security, Health Care Industry, Lawsuits

Last week, the United States Court of Appeals for the Eleventh Circuit decided Resnick v. AvMed, Inc., No. 11-13694 (11th Cir. Sep. 5, 2012).  The Court’s opinion addresses some important issues regarding an individual’s right to bring a private lawsuit when her personally identifiable information or protected health information is compromised.  In its decision, the… Continue Reading

The SEC Is Cracking Down on Companies That Do Not Disclose Cyber Incidents

Posted in Data Security, SEC

As I wrote in a previous post, the Securities and Exchange Commission’s (SEC) Division of Corporation Finance issued a Disclosure Guidance on October 13, 2011, that states publicly traded companies may be obligated to disclose cyber incidents and the risk of cyber incidents, depending on the application of various factors. Now, according to a recent… Continue Reading