Marriott Cyberattack Fine Reduced as ICO Shifts Penalty Policy

Share

More than two years after receiving a massive initial fine, hotel chain Marriott International, Inc. reduces a cyberattack penalty by more than 80%. A shift in the United Kingdom’s Information Commissioner’s Office (ICO) calculation policy, along with other mitigating factors, led to the significant decrease. While the ICO reinforces the importance of responsibilities of data controllers in managing sophisticated cyberattacks, this latest development marks a continued shift away from turnover-centric penalty policies.

For the full alert, visit Faegre Drinker’s website.

Multiple Federal Agencies Jointly Warn of Increased and Imminent Cybercrime Threat to U.S. Hospitals and Healthcare Providers

Share

On October 28, 2020, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) issued a Joint Cybersecurity Advisory warning of “an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.” The agencies collectively warned that “malicious cyber actors are targeting the Healthcare and Public Health (HPH) Sector with Trickbot malware, often leading to ransomware attacks, data theft, and the disruption of healthcare services.”

Continue reading “Multiple Federal Agencies Jointly Warn of Increased and Imminent Cybercrime Threat to U.S. Hospitals and Healthcare Providers”

British Airways Faces Significantly Reduced £20M Fine for GDPR Breach

Share

At £20 million, the fine imposed on British Airways for its infringement of the General Data Protection Regulation is the biggest fine of its kind in the history of the U.K.’s Information Commissioner’s Office (ICO). Whilst markedly lower than the fine initially proposed, the process by which the revised figure was reached provides some interesting insights on the factors that regulators will take into account and is a clear sign that despite the current economic climate, the ICO is not afraid to enforce strict GDPR compliance.

For the full alert, visit the Faegre Drinker website.

But Wait, There Really Is More: California AG Releases New Proposed Modifications to the Final CCPA Regulations

Share

Throwing covered businesses a bit of a curveball, the California attorney general issued a third set of proposed changes to the formerly assumed “final” CCPA implementing regulations. Fortunately for those overseeing CCPA compliance, the revisions are largely clarifications of the existing regulations rather than fundamental changes. Interested stakeholders have until 5:00 p.m. Pacific Time on Wednesday, October 28, to submit comments.

For the full alert, visit the Faegre Drinker website.

Faegre Drinker on Law and Technology Podcast: The Internet of Things

Share

In the latest episode of the Faegre Drinker on Law and Technology Podcast, Faegre Drinker Counsel Jason G. Weiss and Partner Laura Phillips discuss the growth and evolution of the Internet of Things (IoT). In particular, they dive into the countless devices and use cases that make up the IoT universe, the regulatory issues that accompany commercial applications of IoT technology in the U.S., and the challenges of navigating the patchwork, ad hoc policies and regulations that currently govern this emerging space.

Continue reading “Faegre Drinker on Law and Technology Podcast: The Internet of Things”

Community Health Systems Enters Into Five-Million-Dollar, Multi-State Settlement Agreement in Connection with 2014 Data Breach

Share

On October 8, 2020, Community Health Systems, Inc. (Community Health) and its subsidiary CHSPSC, LLC entered into a settlement agreement with 28 states for $5 million to resolve claims related to a 2014 data breach. Community Health owns over 200 hospitals across the United States and is one of the largest hospital networks in the country. The multi-state settlement follows a separate $2.3 million settlement that Community Health reached with the U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) in connection with the same data breach.

Continue reading “Community Health Systems Enters Into Five-Million-Dollar, Multi-State Settlement Agreement in Connection with 2014 Data Breach”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy