Privacy & Security - US & Abroad
Arent Fox is on the cutting edge of privacy laws and has experience assisting clients with all aspects of privacy and data security. For example, we routinely assist companies with the development of an internal security protocol that meets the requirements of the applicable state and federal laws. In this regard, our practice groups have helped companies comply with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, the Gramm-Leach-Bliley Act (GLB), and the Children’s Online Privacy Protection Act (COPPA), as well as the Payment Card Industry Data Security Standard (PCI DSS) and related payment laws.
Our lawyers also routinely advise companies about online privacy, including providing advice on notification and consent, and when an opt-in is necessary, or merely suggested. In this capacity, we work with small and large businesses on their social media marketing to help them comply with all applicable rules, guidelines, and laws.
Finally, our team has notable experience with managing a reaction to a data breach, having been part of the response to one of the largest known data breach incidents. In this capacity, we assist with all aspects of the breach, including the consumer, regulator, and payment card industry notification procedures, and the compliance and protocol development after the incident.
Arent Fox’s Privacy, Cybersecurity & Data Protection team members were in attendance when the Federal Trade Commission (FTC) held its third FinTech Forum on March 9th, 2017. The Forum focused on the consumer implications of artificial intelligence (AI) and blockchain, two rapidly developing technologies.
Phishing scams are arising at a fast and furious pace in the first quarter of 2017, with the IRS recently issuing a warning that these attacks are now targeting non-profits and school districts. These organizations are new on the hit-list, as the phishing attacks have already been known to target for-profit corporations. Phishing is the general term used for how attackers try to persuade a user to provide information. These scams can be conducted by phone or email, and often are so realistic the recipient has no idea that it is not legitimate.
An Executive Order from President Trump’s first days in office raised questions about its impact on the hard-won Privacy Shield, which allows about 1,700 companies to legally transfer data between the EEA and Switzerland and the US. The Order adds a new layer of complexity to the agreements and regulations already at play through the Privacy Act, Judicial Redress Act, Umbrella Agreement, and Privacy Shield.
Companies transferring data from Switzerland to the US should take note: the Swiss-US Privacy Shield has arrived!
What’s the News?
On January 9, 2017, Presence Health agreed to settle with the U.S. Department of Health and Human Services (HHS) potential violations under the Breach Notification Rule of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). This is HHS’ first enforcement action against a covered entity that reported a breach, but did not do so timely.
ABOUT ARENT FOX LLP
Arent Fox LLP, founded in 1942, is internationally recognized in core practice areas where business and government intersect. With more than 350 lawyers, the firm provides strategic legal counsel and multidisciplinary solutions to clients that range from Fortune 500 corporations to trade associations. The firm has offices in Los Angeles, New York, San Francisco, and Washington, DC.