Join Taft and Sikich for an informational session on Feb. 21 as two of our professionals share their experiences before and during a data breach and share their insights in the hopes of helping you better prepare for and survive a data breach. Register here.

Schedule:
3:30 – 4:00pm Registration & Networking
4:00 – 5:00pm Presentation
5:00 – 6:00pm Networking, drinks & hors d’oeuvres

Presenters:

Scot Ganow, Senior Counsel – Taft Stettinius & Hollister LLP
Scot is co-chair of
Continue Reading

Ohio is poised to lead the nation by incentivizing businesses to implement certain cybersecurity controls, which can be an affirmative defense to a data breach claim based on negligence. Under the proposed legislation, if a business is sued for negligently failing to implement reasonable information security controls resulting in a data breach, the business can assert its compliance with the cybersecurity control as an affirmative defense at trial.

For years we have counseled our clients to implement a comprehensive data
Continue Reading

Delaware has joined a growing number of states in updating and strengthening its data breach law. The new law expands the definition of what is considered personal information, requires companies to “implement and maintain reasonable security” for personal information in their possession, institutes a 60-day deadline for reporting the breach and mandates one year of free credit monitoring should a social security number be included in the breach. If your company has customers within the state of Delaware here a
Continue Reading

In the unfortunate event that your privacy has been breached and personal images have been stolen, there are several steps that can be taken to have this content removed from the internet. It is important that the following processes are initiated quickly. Once content is on the internet, it can spread quickly and make this process much more difficult and time consuming.

Here is a brief example to show how quickly an image can spread, increasing the difficulty in removing
Continue Reading

A new cyberattack, that is very similar to the WannaCry ransomware virus, is spreading across Europe. Taft’s Technology group is closely monitoring the situation and has prepared the following short summary of questions and answers about ransomware attacks, which in effect locks out users from accessing their files unless a ransom is paid via bitcoin.

Q: I have been hit with a ransomware attack, what are my options?

A: You can pay the ransom with the hopes of getting your
Continue Reading

Cybersecurity is not an aspect of your business that can be tackled once and then forgotten. The threats are constantly evolving. They require attention and resources. Here are 5 tips to make sure your company is prepared in case of an attack.

  1. Disaster Recovery Plan– Data is the lifeblood of most organizations. Where is your data stored? What would happen to your business if a natural disaster like a fire, flood or other catastrophe struck the location where your


Continue Reading

The Office of Civil Rights (OCR) first HIPAA settlement of 2017 is based on a failure to report a breach of health information in a timely manner. The settlement was reached with Presence Health, a large health care network that operates in approximately 150 locations in Illinois. Presence Health has agreed to settle the potential violations by paying a fine of $475,000 and implementing a corrective action plan to deal with this problem in the future.

The settlement stems from
Continue Reading

To effectively guard against an enemy of any kind it’s important to know your enemy. This strategy is just as effective when fighting an online battle to protect your company’s data.

Before you can effectively defend against cyberattacks, it is important to educate yourself on potential threats and how to handle them. We invite you to join us on September 7 for part two of the Columbus Cybersecurity Series featuring FBI agent David Fine returns. During this portion of the
Continue Reading

Savvy in-house counsel and business owners termsoften ask are whether the insurers selling cyber policies actually pay claims or whether the policyholders are just buying the right to later sue the insurers for coverage.  The initial wave of cyber insurance litigation involved policyholders trying to obtain coverage for data breaches under their standard commercial general liability policies.  This produced mixed results with some courts finding coverage, while others did not.  The next wave of cyber insurance litigation involved policyholders asserting
Continue Reading

The Seventh Circuit may have gone a long way to opening a flood of data-breach class actions when it held that “injuries associated with resolving fraudulent [credit-card] charges and protecting oneself against future identity theft” suffice as injuries to confer Article III standing on the plaintiffs in Remijas v. Neiman Marcus Group, LLC

Standing (whether a plaintiff has suffered an injury the courts will recognize) has historically proven to be a substantial hurdle to plaintiffs seeking to bring class
Continue Reading