Compliance & Privacy Change: Video of panel discussion SmartEdgeLaw took part in at end of 2018 at NYC Javits Center finally dropped. “Compliance and Privacy Change: 2018 has seen new compliance and privacy changes, specifically with the introduction of GDPR and also with the new California consumer privacy act. How can businesses deal with these […]
Category: Risk Management
Webinar – 2019 Privacy, Compliance and Risk Management Strategies for Infosec Professionals
Please join SmartEdgeLaw Attorney Richard Santalesa and colleagues for a January 31 webinar covering “2019 Privacy, Compliance and Risk Management Strategies for Infosec Professionals” Information and registration are at: http://www.infosecurity-magazine.com/webinars/2019-privacy-compliance-risk/ Description: 2018 saw a number of new privacy and security compliance acts introduced, including the GDPR, the NIS Directive and California’s Consumer Privacy Act (CCPA), […]
Record HIPAA Violation Settlement – $16 million
Think HIPAA fines aren’t serious for violations of security and privacy rules around Protect Health Information? You may want to think again. Here’s the headline from a story out today: “Anthem Mega-Breach: Record $16 Million HIPAA Settlement“, which links to our friends at Gov InfoSecurity https://www.govinfosecurity.com/anthem-mega-breach-record-16-million-hipaa-settlement-a-11622 Though many enter into HIPAA/HITECH-driven Business Associate Agreements on a near […]
ABA Journal Quotes SmartEdgeLaw Group on Cybersecurity in Law Firms
Founding attorney, Richard Santalesa, is quoted in the Sept. 2018 ABA Journal about cybersecurity in law firms. The legal profession as a whole has lagged behind other segments in keeping its digital house locked down #cybersecurity #infosec #ABAJournal #datasecurity via ABA Journal http://www.abajournal.com/…/law_firms_cybersecurity_awarene…
Fairfield County Business Journal Profiles SmartEdgeLaw Group
We’re proud to be featured in the Fairfield County Business Journal. Our practice is tech-focused, reality-driven and above all embrace that legal is here to deliver solutions and recommendations not road blocks. Our firm works throughout CT and NYC and is constantly developing new approaches to meet your legal needs. Westport attorney takes a legal […]
Proposed cybersec regulations for New York financial institutions have a broad reach
As written by SmartEdgeLaw Group Attorney Richard Santalesa, in the September 30, 2016 IAPP Privacy Tracker and Daily Dashboard – at https://iapp.org/news/a/proposed-cybersec-regulations-for-new-york-financial-institutions-have-a-broad-reach/ Proposed cybersec regulations for New York financial institutions have a broad reach Richard Santalesa, CIPP/US Privacy Tracker | Sep 30, 2016 New York state’s long-awaited Cybersecurity Regulations For Financial Services Companies, issued by […]
Cybersecurity Regulations Issued by NYS Dept of Financial Services
New York State’s long-awaited Cybersecurity Regulations for financial institutions were released last week by the New York State Department of Financial Services (“NYDFS”) for a 45-day public notice and comment period, starting Sept 28, 2016, after which the Regs will go into effect on January 1, 2017, unless modified, as codified at 23 NYCRR Part […]
SmartEdge Presenting at IAPP KnowledgeNet on new CT data breach statute
The SmartEdgeLaw Group is happy to announce its participation in the upcoming Sept 29, 2015 IAPP KnowledgeNet to be held at the Hartford Convention Center in conjunction with the 2015 Information Governance Conference. Attendance at the KnowledgeNet is free of charge, but registration is required. IAPP members can received a 15% discount for the full InfoGovCon15 […]
SmartEdgeLaw Quoted on 3D Printing Legal Issues
SmartEdgeLaw Group Attorney was recently quoted on the legal issues and concerns for IP owners posed by the rise of 3D Printers in an article by noted technology journalist Pam Baker in InformationWeek’s article, 3D Printers: IT’s Next Great Data Challenge, available at http://www.informationweek.com/big-data/3d-printers-its-next-great-data-challenge/a/d-id/1321934. In the article Santalesa noted the difficulties that will arise regarding […]
SmartEdgeLaw View on FISMA 2.0 Quoted in FedTech Magazine
While data breaches at retailers and merchants get the headlines, governmental breaches – particularly on the federal level – are an all too common occurrence. According to federal watchdogs, there were 25,556 breaches of personally identifiable information in 2013, up from 10,481 in 2009. In response, SmartEdgeLaw’s opinion on the need and requirements of the […]
FTC Announces Workshop on Cross Device Tracking
Building on the FTC’s continued push into mobile issues and privacy, which it reinforced at the 2015 IAPP Global Summit in D.C. two weeks ago, the Federal Trade Commission today announced an upcoming workshop to explore the issues raised by cross device tracking – using browsers or apps to visit sites across different devices. As the FTC […]
What Does That Clause Mean in State Data Breach Statutes?
In light of the President’s recent call for enactment of the Personal Data Notification and Protection Act, containing a 30-day notification deadline, it’s worth noting that at present most state breach laws require state residents to be notified “without unreasonable delay,” which strikes me as a better compromise. Only Florida (30 days), Ohio (45 days), VT (45 days) and […]
Client Alert: Encryption for EMV and PoS Terminals
Clients field us questions on encryption constantly: What type to use, the differences between encryption-at-rest versus in transit, what qualifies as “strong” encryption under current best practices, key management, which encryption methods meet “government” standards so as provide “reasonable security,” recommendations for encrypted email vendors… the list goes on. However, a recent story focusing on EMV cards, which […]
Global Fraud Report: Consumers Frustrated With Financial Institutions
The newly released 2014 ACI Global Fraud Survey (links at bottom) paints a dramatic picture of the global debit/credit card fraud picture – raising a litany of concerns for consumers and financial institutions. Trust? In line with the study’s name and the different behavioral and fraud levels around the world, trust remains a huge issue regarding consumers’ trust of financial […]
FFIEC Rolls Out Cybersecurity Website For Financial Institutions
The Federal Financial Institutions Examination Council (“FFIEC”) recently launched a new cybersecurity website, effectively creating another valuable resource for financial institutions when it comes to addressing cybersecurity matters. Although less well known than Federal agencies with direct oversight and regulatory authority the FFIEC “is a formal interagency body empowered to prescribe uniform principles, standards, and […]
