Privacy & Security
Arent Fox is on the cutting edge of cybersecurity and data protection laws and has experience assisting clients with all aspects of privacy, cybersecurity, and data protection. Our group serves clients in regulated spaces such as health care and telecommunications and sophisticated industries including retail, gaming and entertainment, and media.
Arent Fox’s interdisciplinary team of cybersecurity and data protection attorneys handle the full scope of data security and protection issues. We regularly advise clients on how to protect their data at every stage, from advice and counseling to investigations, incident planning and response, litigation, and even securing insurance policies to mitigate risks and liabilities. We work with companies to develop internal security and governance programs; advise businesses on the collection of data in retail locations as well as in online including via social media marketing and e-commerce platforms; and conduct internal investigations in response to critical data breaches. We also work with companies to implement privacy and data security protection by using IT agreements to control data access by their employees, reconfiguring data security when moving IT operations to the cloud, and protecting against cyber risks that can arise from third party IT vendors.
We routinely advise on the biggest trends in privacy and data security such as: handling ransomware incidents; cyber threat and new technology systems; NIST, ISO, PCI-DSS, and other security standards; payment security and mobile payment trends; aggregate and anonymized data collection in advertising; FTC guidance and enforcement; the Internet of Things; cross-border data transfer issues; the EU General Data Protection Regulation (GDPR); health information privacy, security, and breach notification; as well as federal- and state-level regulatory compliance.
Join Arent Fox LLP, Women in Security and Privacy, and IOActive for a happy hour and networking event in San Francisco on October 19 at Arent Fox's San Francisco office.
* The following article was originally published by Healthcare Informatics. To read it on the Healthcare Informatics website, click here.
Healthcare professionals who are in a position to recommend the use of fitness apps need to be aware that patients’ personal data can be used in ways that HIPAA would prohibit and that will surprise patients who are trying to be smart about fitness in a smartphone world.
Partner Sarah Bruno will discuss "No Man’s Land: Top 5 Privacy & Security Challenges for Unmanned Systems" at the first US Meetup of Berlin-based DRONEMASTERS. Other topics for the evening include smart homes and drone ports, robotic aerial security, the commercial drone industry, and cross-border drone issues.
DRONEMASTERS MeetUps are an established series of events to network with startups, corporates, investors, public stakeholders and scientific institutions across all industries and branches.
What’s the News?
The enactment of new Federal Aviation Administration (FAA) regulations governing unmanned aircraft systems – or “drones” – has companies and consumers alike dreaming of the stuff of science fiction, but if the new regulations are any indication, the FAA is in no rush to see those dreams become reality. While the drone regulations permit use of drones for a variety of commercial purposes, the FAA declined to clear the way for package delivery by drone.
*This article was originally published in E-Commerce Law Reports
The Federal Trade Commission asserted its data security authority in two recent back-to-back enforcement actions, only a day apart from each other.
On June 24, 2016, the non-profit Catholic Health Care Services of the Archdiocese of Philadelphia (CHCS) agreed to settle potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule with the U.S. Department of Health and Human Services (HHS). This is HHS’ first resolution agreement and monetary penalty against a business associate (BA) under HIPAA.
Ransomware is old news – it has been around at least since 1989 – but it has only now started to attract widespread attention. Ransomware is a type of malicious software (or malware, for short) that blocks access to the infected device, to some or all of the information stored in the device, or even worse, to files in the device’s network. To unlock either the device or the data, the responsible cybercriminals require the victim to pay a ransom. Ransomware is typically enabled when a victim clicks on malicious links in an email or online.
What’s New? (The GDPR.)
ABOUT ARENT FOX LLP
Arent Fox LLP, founded in 1942, is internationally recognized in core practice areas where business and government intersect. With more than 350 lawyers, the firm provides strategic legal counsel and multidisciplinary solutions to clients that range from Fortune 500 corporations to trade associations. The firm has offices in Los Angeles, New York, San Francisco, and Washington, DC.