Gallagher hammered in £11 million broker negligence ruling
Broker found at fault over Lloyd’s, Hiscox, QBE policy mess up Insurance Business Magazine reports: Read more at Insurance Business Magazine.
Operators of New Jersey Company Sentenced to Prison and Enter into Related Civil Settlement Agreement for Roles in $127 Million Health Care Fraud and Kickback Scheme
Two operators of a New Jersey marketing company were sentenced to prison for their roles in conspiracies to commit health care fraud and to pay and receive illegal kickbacks Two operators of a New Jersey marketing company were sentenced to prison for their roles in conspiracies to commit health care fraud and to pay and […]
Florida Bar Urges Law Firms to Adopt Incident Response Plans: A Call to Action for Legal Professionals
From Jackson Lewis: In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to better prepare for and respond to data security incidents. The recommendation reflects a growing recognition across professional service industries—particularly law […]
$6.5M Navvis, SSM Health ransomware data breach class action settlement
Top Class Actions reports: Navvis and SSM Health have agreed to a $6.5 million class action lawsuit settlement to resolve claims that they failed to prevent a 2023 data breach that compromised sensitive patient information. The SSM Health settlement benefits anyone whose private information was compromised in the Navvis and SSM Health data breach between […]
Breaches Within Breaches: Contractual Obligations After a Security Incident
It is important to review any contract with a vendor or business associate in terms of who will be responsible for notifying affected customers or patients of any breach. A post by Robinson + Cole discusses a lawsuit stemming from a dispute over the responsibility of a business associate following a breach. According to the […]
DOJ Announces 90-Day Grace Period for Companies to Comply with New Data Security Rules on Foreign Adversary Access to U.S. Sensitive Data
Seen at SheppardMullin: The U.S. Department of Justice (DOJ)’s new data security rule went into effect April 8, 2025. The rule creates what are effectively export controls and requires companies to take measures to prevent U.S. sensitive personal and government-related data from falling into the hands of foreign adversaries. The rule targets transactions (including data […]
$3.6M Retina Group of Washington data breach class action settlement
Top Class Actions reports: Retina Group of Washington (RGW) has agreed to a $3.6 million class action lawsuit settlement to resolve claims that it failed to prevent a 2023 data breach. The Retina Group of Washington settlement benefits anyone whose personal information was potentially accessible in the company’s data breach on March 26, 2023. The […]
Queensland’s IPOLA Guidelines – New Mandatory Notification Data Breach Scheme
Ashurst reports: On 4 December 2023, the Queensland Parliament gave assent to the Information Privacy and Other Legislation Amendment Act 2023 (Qld) (Act), with privacy reforms to the Information Privacy Act 2009 (Qld) (IP Act) to commence 1 July 2025. You can read more about that here. In Queensland it has not been compulsory for agencies to notify the Office […]
Justice Department Implements Critical National Security Program to Protect Americans’ Sensitive Data from Foreign Adversaries
Department Answers Frequently Asked Questions, Provides Guidance, and Issues Limited Enforcement Policy for First 90 Days Today, the Justice Department took significant steps to move forward with implementing a critical program to prevent China, Russia, Iran, and other foreign adversaries from using commercial activities to access and exploit U.S. government-related data and Americans’ sensitive personal […]
BakerHostetler launches 2025 Data Security Incident Response Report
BakerHostetler has released its 2025 Data Security Incident Response Report, which provides insight and analysis from more than 1,250 data security incidents managed by the firm this past year. Their report features a deep dive into critical components of security incidents (e.g., response timeline, average ransom payment amount, frequency of litigation) as well as an examination of […]