Privacy & Cybersecurity Newsletter

February 2016

Locke Lord’s Privacy & Cybersecurity Newsletter provides topical snapshots of recent developments in the fast-changing world of privacy, data protection, and cyber risk management. For further information on any of the subjects covered in the newsletter, please contact one of the members of our privacy and cybersecurity team.

To read the Locke Lord Privacy & Cybersecurity Newsletter, click here.

In This Issue

California Attorney General Defines Minimum Requirements for 'Reasonable Cybersecurity'
California has now weighed in on the definition of “reasonable” security and minimum security requirements for all businesses through the California Attorney General’s 2016 Data Breach Report. read more

OCR for the Win: Lincare, Inc. HIPAA Enforcement Action
For the second time in history, on January 13, 2016, an Administrative Law Judge (ALJ) upheld the imposition of civil money penalties charged against a covered entity by the Office of Civil Rights in the Department of Health and Human Services (OCR) for violations of the Health Insurance Portability and Accountability Act of 1996, as amended (HIPAA). read more

A Common Standard for Evaluating Cyber Risk - Insurers Walk the Walk
Insurers have struggled to find a common baseline to measure cyber risks. Changes in technology, hacking and other data security risks and the shifting legal landscape concerning liability for data breaches have made the terrain particularly uncertain. read more

Testing the Limits - Cyber Coverage Litigation Update
The growing percentage of businesses that purchase cyber security and data privacy insurance portends a growing number of claims and, inevitably, litigation over some of those claims. read more

Rhode Island Amends Identity Theft Protection Act
Rhode Island recently amended its 10-year-old Identity Theft Protection Act effective June 26, 2016, further defining and refining existing data security and breach notification requirements, and adding a requirement to notify the Rhode Island Attorney General of certain breaches. read more 

Sixth Circuit Rules 10 Weeks of Camera Monitoring from Public Utility Pole Does Not Require a Warrant
A panel of the United States Court of Appeals for the Sixth Circuit ruled earlier this month in a case styled U.S. v. Houston (No. 14-5800) that a warrant was not required under the Fourth Amendment for federal agents to gather evidence of a defendant's activities in which he, according to the court, did not have a "reasonable expectation of privacy," despite the activities taking place on private property where the defendant lived. read more 

New Safe Harbor Agreement for EU Data Transfer Announced
Companies are relieved that there will now be a new Safe Harbor for cross-border transfer of personal data from Europe to the U.S. read more