Litigation and legal developments concerning data breaches.
Bloomberg Law reports: As another cybersecurity compliance deadline hits in New York, the impact may be most deeply felt by smaller companies—as well as vendors and other businesses outside the financial sector that technically aren’t within scope of the regulation. The New York Department of Financial Services’ (NYDFS) latest Cybersecurity Regulation amendments go into effect […]
A press release from the Department of Justice
Seen on The National Law Review: On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates a new data security mandate for financial corporations—a category that includes non-depository entities regulated by the Department of Financial Institutions […]
Broker found at fault over Lloyd’s, Hiscox, QBE policy mess up Insurance Business Magazine reports: Read more at Insurance Business Magazine.
Two operators of a New Jersey marketing company were sentenced to prison for their roles in conspiracies to commit health care fraud and to pay and receive illegal kickbacks Two operators of a New Jersey marketing company were sentenced to prison for their roles in conspiracies to commit health care fraud and to pay and […]
From Jackson Lewis: In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to better prepare for and respond to data security incidents. The recommendation reflects a growing recognition across professional service industries—particularly law […]
Top Class Actions reports: Navvis and SSM Health have agreed to a $6.5 million class action lawsuit settlement to resolve claims that they failed to prevent a 2023 data breach that compromised sensitive patient information. The SSM Health settlement benefits anyone whose private information was compromised in the Navvis and SSM Health data breach between […]
It is important to review any contract with a vendor or business associate in terms of who will be responsible for notifying affected customers or patients of any breach. A post by Robinson + Cole discusses a lawsuit stemming from a dispute over the responsibility of a business associate following a breach. According to the […]
Seen at SheppardMullin: The U.S. Department of Justice (DOJ)’s new data security rule went into effect April 8, 2025. The rule creates what are effectively export controls and requires companies to take measures to prevent U.S. sensitive personal and government-related data from falling into the hands of foreign adversaries. The rule targets transactions (including data […]
Top Class Actions reports: Retina Group of Washington (RGW) has agreed to a $3.6 million class action lawsuit settlement to resolve claims that it failed to prevent a 2023 data breach. The Retina Group of Washington settlement benefits anyone whose personal information was potentially accessible in the company’s data breach on March 26, 2023. The […]
