Featured

Attorneys General from 32 States and the District of Columbia Throw Their Collective Weight Behind Data Breach Settlement

On October 3, 2012, Nationwide Mutual Insurance Company and its wholly-owned subsidiary Allied Property & Casualty Insurance Company experienced a data breach when a hacker exploited a vulnerability on the companies’ web application hosting software. This hack resulted in the compromise of the personal information of 1.27 million consumers, including social security numbers, driver’s license numbers, credit scoring information, and other data used to provide insurance quotes.

Continue reading

Featured

The Risk in Conducting Your Risk Assessment

Few things have upended the world of cybersecurity regulation in the United States recently more than the new cybersecurity regulations issued by the New York State Department of Financial Services (“DFS”) in March of this year. Found in 23 N.Y.C.R.R. Part 500, these new regulations are sweeping in scope and reach far beyond the financial services sector in New York, affecting entities that support that sector as well as a number of other entities that may not have thought of themselves as governed, even in part, by DFS.

Continue reading

Featured

In the News: Financial institutions learn about new cybersecurity regulations.

"When this hits a health care provider or other folks who are on the first line of defense where people's health and safety are concerned, you can certainly understand that decision, but at the end of the day, you have no assurance that the very same ransomware attack isn't going to be recreated the next day and ask for even more money." 

Continue reading

Featured

The Dangers of Regulatory Creep - Do New York DFS Cybersecurity Regulations Apply to Federally Chartered Financial Institutions?

In February 2017, the New York State Department of Financial Services (“DFS”) finalized a new set of cybersecurity regulations that governs New York’s banking, insurance, and financial services industries. Entities in those industries are required to develop and implement cybersecurity programs tailored to their individual risk levels. See Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.§ 500.02.

Continue reading

Featured

ISP Privacy Rule Update: Federal Government Out, State Governments In

The Federal Communications Commission (“FCC”) adopted rules in 2016 that restricted Internet Service Providers (“ISPs”), such as Verizon, AT&T, and Comcast, from sharing sensitive data, including browsing history and location data, without consumer consent. We discussed these groundbreaking rules in our previous blog post.

Continue reading

Disclaimer

This website presents only general information not intended as legal advice. Although we encourage calls, letters and emails from prospective clients, please keep in mind that merely contacting Harter Secrest & Emery LLP (HSE) does not establish an attorney-client relationship between us. Confidential information should not be sent to HSE until you have been notified in writing by HSE that a formal attorney-client relationship has been established. Information sent to us before then may not be treated as confidential by HSE or the court.

I have read this and agree     Cancel

Our website uses cookies. By continuing to use our site, you agree to our use of cookies in accordance with our Privacy Policy.