A significant change is happening to payment card technology. Any company that accepts credit cards as a form of payment needs to know about it if they intend to continue accepting payment cards in the future. The technology is called “EMV” (EuroPay, MasterCard, Visa). The card brands hope that EMV technology will significantly reduce the
Data Security
FDA Issues Draft Guidance on Postmarket Cybersecurity Programs for Medical Devices
By Al Saikali & Tim Moore on
In 2014, the Food and Drug Administration (“FDA”) articulated its expectations for how device manufacturers address cybersecurity premarket in Content of Premarket Submissions for Management of Cybersecurity in Medical Devices. Recently, the FDA released complementary draft guidance in Postmarket Management of Cybersecurity in Medical Devices. In the new guidance, the FDA explains what…
60 Minutes Reports on Payment Card Data Breaches
By Al Saikali on
Ever wonder how your credit card gets compromised and how the bad guys get your information? This report on tonight’s episode of 60 Minutes provides an overview of what happens from the moment you swipe your card at the point-of-sale terminal to the moment when the card number is compromised and sold on a black…
Why Every Business Should Care About Florida’s Information Protection Act
By Al Saikali on
My last post described what the recently passed Florida Information Protection Act (FIPA) will do. This post analyzes how FIPA differs from Florida’s existing breach notification law and explains why those differences will hurt or help companies that maintain information about Florida residents. Florida’s Governor must still sign the FIPA into law, but his signature…
Everything You Need To Know About Florida’s New Data Protection Law
By Al Saikali on
The Florida Legislature recently passed the Florida Information Protection Act of 2014 (FIPA). This post describes the FIPA and analyzes the advantages and disadvantages to businesses governed by the new law. The FIPA must still be signed by the Governor, but the law received unanimous support in the legislature, so his signature is expected. Once…
The Target Data Breach Lawsuits: Why Every Company Should Care
By Al Saikali on
Plaintiffs’ lawyers were falling over themselves last week in a race to the courthouse to sue Target as a result of its recent data breach. By at least one report, over 40 lawsuits have already been filed against Target, the first of which was filed the day after the breach became public. This…
Yet Another Potential Multimillion-Dollar Data Breach Settlement . . .
By Al Saikali on
Just when you thought it might be safe to go back into the water, another significant data breach lawsuit may be settling. Last week, I wrote about the proposed settlement in the AvMed lawsuit. The motion for a preliminary proposed settlement in that case was granted on Friday, and a Final Hearing is set for…
$3,000,000 Settlement Reached in Data Breach Lawsuit
By Al Saikali on
How much of a headache can a couple of stolen laptops cause your organization? How about a $3 million headache?? That is the amount of a settlement proposed in an Unopposed Motion in Support of Preliminary Approval of Class Action Settlement in Resnick/Curry v. AvMed, Inc., No. 1:10-cv-24513-JLK (S.D. Fla.), a data breach lawsuit…
Data Breach Lawsuits Settling in the Southern District of Florida
By Al Saikali on
Plaintiffs in data breach lawsuits around the country have had a difficult time surviving motions to dismiss and for summary judgment. A number of courts have rejected these lawsuits because they failed to allege or demonstrate cognizable injuries, standing, causation, and the requisite elements to withstand an economic loss rule defense. It is dangerous, however,…
Healthcare Organizations Take It On The Chin
By Al Saikali on
Posted in Data Breach, Data Breach, Data Privacy, Data Security, FTC, Health Care Industry, Lawsuits
If you have noticed an increasing number of high profile problems for healthcare organizations with respect to privacy and security issues these last few weeks you’re not alone. The issues have ranged from employee misuse of protected health information, web-based breaches, photocopier breaches, and theft of stolen computers that compromised millions of records containing unsecured…