Join members from our award-winning Privacy and Cybersecurity practice at this week’s IAPP Privacy. Security. Risk. 2019 conference in Las Vegas. We hope to see you at one of our sessions listed below.
On January 31, the Federal Trade Commission announced a settlement with GMR Transcription Services following the public exposure of thousands of medical transcript files containing personal medical information. According to the FTC complaint, GMR failed to adequately verify that its overseas service provider implemented reasonable and appropriate security measures to protect personal information being transmitted and processed. This settlement, the FTC’s 50th with respect to data security, highlights the need for companies to engage in thorough vendor management and oversight with respect to data security practices.
The Evolving Legal Framework Regulating Commercial Data Security Standards, an article by Hogan Lovells associate Bret Cohen, was featured in the January/February 2014 cybersecurity law issue of the Maryland Bar Journal. The article covers the sources of regulation and potential legal liability in the U.S. for businesses who experience data security breaches, including general consumer protection laws, state data security laws, federal sectoral laws, and consumer class action litigation.