Privacy & Cybersecurity Newsletter

    Locke Lord Publications

    Locke Lord's Privacy & Cybersecurity Newsletter provides topical snapshots of recent developments in the fast-changing world of privacy, data protection, and cyber risk management. For further information on any of the subjects covered in the newsletter, please contact one of the members of our privacy and cybersecurity team.

    To read the Locke Lord Privacy & Cybersecurity Newsletter, click here.

    In This Issue

    Third Party Service Provider Cybersecurity Management: The (Not Quite) Last Requirement of the New York Department of Financial Services Cybersecurity Regulation
    In prior issues, we have reported on the various requirements imposed by the New York Department of Financial Services (the ‎DFS) Cybersecurity Regulation (23 NYCRR 500) (the Regulation) on “Covered Entities,” which are defined to include all licen-‎sees of the DFS.‎ read more

    HIPAA Enforcement Update (January 1, 2018 – December 11, 2018)
    Throughout 2018, the Department of Health and Human Services, Office for Civil Rights (OCR) has announced seven settle‎ment agreements and one civil monetary penalty to resolve allegations of Health Insurance Portability and Accountability Act ‎‎(HIPAA) violations.‎ read more

    Drone-Related Cybersecurity Risks Abound Both in the Air and on the Ground
    As the use of drones (small unmanned aerial systems or UASs) has continued to expand, a great deal of ink has already been ‎spilled over two categories of risk associated with their operation: 1) bodily injury and property damage caused by negligent ‎and/or malicious operations; and, 2) claims for invasion of privacy, nuisance and trespass.‎ read more

    The GDPR – Some Troublesome Aspects and Misconceptions, Part II: Confusion Around Marketing and Consent
    One of the main changes brought about by the GDPR is that it is much more difficult to obtain a valid “consent” from an indi-‎vidual to process his or her data.‎ read more

    California Consumer Privacy Act: A Priority for 2019
    As reported in our last newsletter, California has enacted a game-changer in the U.S. privacy regime.‎ read more

    California Takes the First Step With IoT: Will the Federal Government Follow?
    This past September, California became the first state to take a first (small) step in addressing Internet of Things (IoT) security. ‎read more

    Biometrics: Illinois Appellate Court Potentially Revives “No-Injury” Lawsuits Under the Biometric Information Privacy Act
    On September 28, 2018, an Illinois Appellate Court issued an opinion that will likely increase class action filings under Illinois’s ‎Biometric Information Privacy Act (“BIPA”). read more

    New Ohio Data Security Law Offers Safe Harbor: May Signal New Trend
    A first-of-its-kind data security law, the recently enacted Ohio Data Protection Act ‎ may signal the beginning of a new trend ‎in the legal approach to corporate cybersecurity obligations.‎ read more

    WM Morrison v Various Claimants – Employer Vicariously Liable for Data Protection Breach
    On October 22, 2018, the Court of Appeal of England and Wales gave its judgment in WM Morrison Supermarkets PCL v Var‎ious Claimants.‎‎ read more

    Dittman v. UPMC: Pennsylvania Employers have a Common Law Duty to Exercise Reasonable Care to Protect Employee Personal and Financial Data
    Pennsylvania’s highest court recently held that an employer has a common law duty to exercise reasonable care to safeguard ‎its employees’ sensitive personal information stored on the employer’s internet-accessible computer system.‎ read more

    Enforcement of the GDPR in North America – The Experience So Far
    By now, North American organisations will be well aware that they can be subject to the European Union’s (EU) new data pro-‎tection law, the General Data Protection Regulation (GDPR), without having a physical presence in the EU.‎ read more

    Explore Additional Topics


    Please understand that your communications with Locke Lord LLP through this website do not constitute or create an attorney-client relationship with Locke Lord LLP. Any information you send to Locke Lord LLP through this website is on a non-confidential and non-privileged basis. Therefore, do not send or include any information in your email that you consider to be confidential or privileged.