The Seventh Circuit’s ruling in Remijas v. Neiman Marcus Group, LLC may have removed a substantial hurdle for data-breach class actions (as we previously discussed) by holding that “injuries associated with resolving fraudulent charges and protecting oneself against future identity theft” were sufficient to confer Article III standing.  But does that ruling remove all of the major obstacles to data-breach class actions?  Absolutely not.  There are still additional daunting hurdles in a plaintiff’s path to obtaining class certification
Continue Reading Remijas v. Neiman Marcus—Overhyped and Overblown

*This is the first post in a five-part series on cyber insurance, culminating in a webinar entitled “Insurance Coverage for Privacy and Data Breaches: Hot Topics and Critical Issues” on Wednesday, April 22, 2015, at 12:00-1:00 p.m. Eastern. 

One of the most common questions we hear from CEOs, CFOs and Directors of businesses and public and private institutions is “Do I really need cyber insurance?”  Our answer is always an emphatic “Yes,” whether it is a
Continue Reading Cyber Insurance: Do I Really Need It?

Theft or accidental loss of a laptop, thumb drive or other device is “[t]he single most common way that protected health information is compromised.” And while violating the Health Insurance Portability and Accountability Act’s Privacy and Security Rules can result in million-dollar fines, HIPAA does not provide for a private right of action. So when an employee of Alere Home Monitoring Inc. had a company laptop containing patients’ medical information stolen out of her car in 2012, plaintiffs filed
Continue Reading Healthcare Home Monitoring Company Avoids FCRA Liability Over Stolen Laptop