On September 12, the 6th Circuit Court of Appeals concluded that members of a class action have Article III standing to sue Nationwide Insurance for negligence after hackers breached Nationwide’s computer network and stole personal information. Galaria/Hancox v. Nationwide Mut. Ins. Co., Nos. 15-3386/3387, 2016 WL 4728027 (6th Cir. Sep. 12, 2016). As with the P.F. Chang… Continue Reading
Earlier today Kari Timm moderated a panel on cyber risk and insurance for law firms and other professional firms during the 2013 PLUS Professional Risk Symposium. To see a short video discussion on cyber risks for professional services firms from the 2013 PLUS Professional Risk Symposium please visit the PLUS Blog (http://plusblog.org/2013/04/10/cyber-risk-and-professional-firms/).
The Seventh Circuit Court of Appeals ruled on January 11, 2013 that there is no coverage under a homeowner’s policy for an employee of an accounting firm who had a CD stolen from her car. The CD contained financial information and other PII of 30,000 members of a pension fund and client of the accounting… Continue Reading
In addition to the near-daily reports of more breaches, new laws and controversial workplace privacy issues, there have been 3 significant developments involving cyber and privacy already in 2013. 1. On January 17, 2013 the Department of Health and Human Services released its final “omnibus” rule in relation to HIPAA, effective March 26, 2013. The… Continue Reading
In today’s challenging economy, it is hard to turn away new business, whether from a client who provides a law firm with steady work, or a broker who contracts for investment services or a health care organization that contracts with a nursing registry. But what happens when the new client demands that as part of… Continue Reading
Although Ponemon’s Second Annual Benchmark Study on Patient Privacy and Data Security has shown some improvement for health organizations the overall message is still bleak. The second annual report examines changes from the past year that may have affected privacy and data protection in healthcare organizations. It also looks as how well the healthcare organizations are… Continue Reading
On August 31, 2011, California Governor Jerry Brown signed Senate Bill 24 (“SB 24”) into law. The bill amends the state’s security breach notification statute requirements for breach notifications sent to California residents. SB 24 also mandates electronic notification to the state Attorney General when a breach affects mores than 500 California residents. SB 24… Continue Reading
Health insurer WellPoint Inc. has entered into a settlement agreement with the Indiana Attorney General resolving the first lawsuit the AG filed under Indiana’s breach notification statute. In February 2010, a consumer notified Wellpoint that insurance applications containing personal information were accessible on Wellpoint’s website. The consumer reportedly contacted Wellpoint again on March 8, 2010. … Continue Reading