Cybersecurity risk continues to evolve at an astonishingly rapid rate, prompting companies to review and adjust their plans to deal with the fast-moving threats posed by an increasingly connected world. At the same time, cybersecurity law and regulation around the world are coming of age. In this complex and uncertain environment, it is not surprising that lawyers are increasingly being asked to guide on governance, counsel on compliance and risk allocation, and lead in the event of a cyber incident.
Drawing on our work with clients across the globe, Hogan Lovells’ cross-practice team of cybersecurity lawyers has launched Ready, Set, Respond, a new set of online cybersecurity resources.
The Department of Health and Human Services Office for Civil Rights is taking an aggressive stand on HIPAA enforcement and targeting violations related to security risk assessments and business associate agreements. Three resolution agreements posted in the last month make clear that the agency expects entities subject to HIPAA to take appropriate steps to secure their data, regardless of the size or type of the entity.
The Evolving Legal Framework Regulating Commercial Data Security Standards, an article by Hogan Lovells associate Bret Cohen, was featured in the January/February 2014 cybersecurity law issue of the Maryland Bar Journal. The article covers the sources of regulation and potential legal liability in the U.S. for businesses who experience data security breaches, including general consumer protection laws, state data security laws, federal sectoral laws, and consumer class action litigation.