Archives

Healthcare Industry Needs to Get Back to Basics

Cybersecurity breaches and incidents are starting to feel like Groundhogs Day. Who do we have today? None other than HealthCare.gov, with the Washington Post recently reporting that HealthCare.gov was hacked compromising approximately 75,000 individual’s private information. HealthCare.gov is the system through which individuals can obtain healthcare coverage under the Affordable Care Act. As of 2018, […]

First Step of Data Privacy Compliance: Understanding Your Data

By Antonia Dumas, an Associate at XPAN Law Group. If you have been following our blog, we hope you know (and agree) that that data privacy is a priority. The next question is: what can you do for your company? You have recognized the importance of addressing data privacy issues and having been introduced to […]

Your Motherboard: Did Bloomberg Businessweek Cry Wolf About Tech Giants’ Supply Chains?

This post is authored by Kacey Jennings, a second-year law student at Villanova University’s Charles Widger School of Law. Ms. Jennings is a legal-intern with the XPAN Law Group. China has allegedly used tiny microchips to hack the most valuable publicly traded company in the world. No, this is not a description of a one-star […]

The FTC Faces New Hurdles After Eleventh Circuit Decision

This post is authored by Kacey Jennings, a second-year law student at Villanova University’s Charles Widger School of Law. Ms. Jennings is a legal-intern with the XPAN Law Group. When I was growing up, you couldn’t ask Alexa to play the newest album from your favorite artist. There was no Spotify or Apple Music in […]

The Shared Responsibility Model: Balancing Liability in a Matrix of Service Providers

As companies continue to develop new and innovative technologies, streamlining and automating operations, there is an increasing reliance on a number of third-party services to provide services and efficiencies. Each of these third-party providers adds (or attempts to add) a unique new *twist* on the old: more functionality, hopefully improved security, and any other add-ons […]

Privacy is a Blue Chip Investment for Businesses

I recently read an article in the wake of the precipitous drop in Facebook stock, titled: “Facebook ‘puts privacy first’ and stocks plunge 20%”. The title alone was enraging. To suggest that prioritizing privacy can cause Facebook to suffer a devaluation is preposterous and a serious disservice to companies everywhere. But, before the air gets […]

So, it begins: California adopts legislation that reminds many of the GDPR

A common question that we receive at our firm is: will the U.S. adopt legislation similar to the GDPR? And, if yes, what will that look at? Well, let us look into our “magic-8” ball . . . . And, no surprise, it looks like privacy is moving (slowly) across the pond to the US […]

Privacy Is the New Black

It seems to have all started with the Health Insurance Portability and Accountability Act (HIPAA), which was passed in 1996 and signed into law by President Bill Clinton. Then, after stumbling around for almost a decade, in 2009 the HITECH Act was signed by President Barack Obama which gave the necessary teeth to the privacy […]

And the Saga Continues: On The Road Again to the CJEU with Shrems II

Facebook has been caught in a legal battle concerning the adequacy of its data protection well before the Cambridge Analytical revelations that came to light in the past few weeks. While spending a semester in the United States studying at Santa Clara University, Austrian law student Max Schrems first became aware of Facebook’s limited grasp of the severity of European Union (“EU”) data protection laws in 2011 when a privacy attorney from Facebook spoke to his class. Angered by the lack of appreciation of the EU privacy law in his home continent, Schrems decided to write his thesis paper about “Facebook’s Misunderstanding of Privacy Law in Europe.” During the course of his research, Schrems learned that Facebook had been violating strict EU privacy law, which prompted him to file numerous complaints with the Irish Data Protection Commission (DPC) in 2011. He later rescinded this set of complaints because the DPC had ignored his efforts.

Is Nothing Sacred? Recent Hackings on Our Governmental Entities

Somewhere, in another country or hidden in a basement down your street, a hacker is waiting in the dark searching for the vulnerabilities in our national infrastructure.  They are scanning systems for any threat vector which can serve as their entry into our world. This past week, we were treated to two recent hacking incidents against governmental entities that are the shape of things to come.