By Ksenia Koroleva On July 6, 2016, Russian President Vladimir Putin signed Federal Law No 374-FZ. This law is also known as the “Yarovaya” law (named after a Russian senator who was the main driving force for the law to come into existence). The Yarovaya law introduces amendments to certain Russian federal laws. The majority … Continue Reading
By Kevin Boyle & Alex Stout Hardly a day passes now without some new report of a security vulnerability with inevitable breaches that follow, but Monday’s news about the two-year old vulnerability in OpenSSL is (or should be) catching everyone’s attention. The problem is a coding error in a widely used cryptographic software library for … Continue Reading
By Elizabeth Richards and Kevin Boyle On June 14, 2013, the Food and Drug Administration (“FDA”) issued a draft guidance entitled, “Content of Premarket Submissions for Management of Cybersecurity in Medical Devices.” (“Guidance”). The Guidance was issued in response to growing concerns about IT vulnerabilities due to the increased use of wireless, Internet and network-connected … Continue Reading
By Kevin Boyle and Aryeh Richmond Here is a reminder that the Federal Trade Commission’s revisions to its Children’s Online Privacy Protection Rule become effective on July 1. If you haven’t already, now is the time to make sure you have revisions to meet the rule in place as FTC and state attorney general inquiries … Continue Reading
By Jennifer Archie On Friday, Feb. 1, 2013, following the now expected series of public workshops and roundtables and well-timed enforcement actions, the Federal Trade Commission Staff issued a new 36-page staff report, Mobile Privacy Disclosures: Building Trust Through Transparency. The Report summarizes past actions and guidance, and makes new recommendations for clearly and transparently … Continue Reading
By Susan Ambler Ebersole HHS today published the long-awaited HIPAA/HITECH omnibus final rule. A pre-publication version of the Rule was released on January 17. The Rule is effective March 26, 2013, but covered entities and business associates have until September 23, 2013 to comply. While Latham & Watkins is still engaged in a comprehensive review … Continue Reading
An August 2 webcast on Compliance and Enforcement in the Hospitality Industry looked at the FTC proceedings in the Wyndham Hotels matter and identified some key takeaways, while considering how similar issues might play out in the European Union. (For those unable to follow the live webcast, the full presentation is now available online.) Some … Continue Reading
As part of its cyber security legislative proposal unveiled on May 12, the Obama administration sent to Congress a proposed Data Breach Notification bill that would supersede similar state laws. If enacted, the bill would dramatically simplify response to data breaches involving residents from multiple states—a process that is now a maze of requirements, often … Continue Reading
The American Institute of Certified Public Accountants (“AICPA”) Statement of Auditing Standard No. 70, or SAS 70 as it is more commonly known, has been with us since April 1992. On 15 June 2011, it will effectively be replaced by two new standards: (i) a reporting standard for service organisations, the “Statement on Standards for … Continue Reading
The Interim Final Rule for Breach Notification for Unsecured Protected Health Information, issued pursuant to the Health Information Technology for Economic and Clinical Health (HITECH) Act, was published in the Federal Register on August 24, 2009, and became effective on September 23, 2009. During the 60-day public comment period on the Interim Final Rule, HHS received approximately 120 comments. HHS reviewed … Continue Reading
Illinois recently enacted the Employee Credit Privacy Act (“ECPA” or the “Act”), which prohibits employers from recruiting and hiring applicants based on such individuals’ credit histories or credit reports. The Act, which was adopted on August 11, 2010 and will take effect on January 1, 2011, generally prohibits employers from inquiring about an applicant’s or … Continue Reading
