On September 13, the New York Department of Financial Services issued proposed regulations that would require banks, insurance companies, and other financial services institutions to establish and maintain a cybersecurity program and to take other measures to protect against data breaches and cyber attacks.
Among the planned requirements, regulated financial institutions will be required to
On September 15, the Federal Trade Commission published a staff paper providing its perspective on the lead generation business. Although the FTC recognized some of the advantages of lead generation, the paper was a clear warning to “unscrupulous actors in the lead generation industry” of potential consequences. The staff paper signals that the FTC is
You cannot control when a data breach or other cyber incident will occur at your financial institution, but you can control how you prepare for it. Cyberattacks and incidents are increasing across every industry. This holds true for large financial players and small community banks alike. The rise of these incidents will have an impact
On September 12, the Federal Trade Commission announced that it is seeking comment on its rule regarding the Disposal of Consumer Report Information and Records. Under the Disposal Rule, a person is required to properly dispose of consumer information by taking reasonable measures to protect against unauthorized access or use of the information in
The Third Circuit recently affirmed a District Court’s dismissal of a data breach class action against Benecard Services Inc. (“Benecard”).
Benecard is a prescription benefit administrative services company that provides mail and specialty drug dispensing, managed vision services, and contact lens mail order services to public and private sector organizations. The instant case arose from
A plaintiff filed a complaint against an online university, alleging claims under the Telephone Consumer Protection Act and the Illinois Consumer Fraud and Deceptive Business Practices Act (“ICFA”) relating to the defendant’s alleged repeated and unsolicited calls to the plaintiff’s cell phone.
The defendant, Ashford University, LLC, allegedly called plaintiff Melissa Nelson’s cell
The District Court for the Southern District of California recently granted a motion to dismiss in a Telephone Consumer Protection Act case based on the Supreme Court’s decision in Spokeo, finding that the plaintiff failed to put forth evidence proving an injury-in-fact.
In Romero v. Department Stores National Bank, the defendant creditors allegedly
The Federal Trade Commission announced on August 29 that it is seeking public comment on its Standards for Safeguarding Customer Information, commonly known as the Safeguards Rule, as part of the FTC’s periodic retrospective review of the rules. The Safeguards Rule, effective May 23, 2003, was issued under the Gramm-Leach-Bliley Act and places certain requirements
We are pleased to announce that Troutman Sanders partner Ron Raether will be a featured speaker at the American Conference Institute’s 2nd National Forum on Data Breach & Privacy Litigation, to be held at The Carlton Hotel in New York City September 29-30.
Ron will participate in a panel discussion entitled “Class Actions: Data
The United States Department of Health and Human Services, Office for Civil Rights (“OCR”), has assessed a $5.55 million fine against an Illinois healthcare provider for alleged HIPAA data privacy violations. The settlement is the largest to date between the OCR and any single entity, and is one of several multi-million dollar settlements obtained by