Beth Waller Offers ‘Buyer Beware’ on Incident Response Coverage, Mandiant Cyber Snapshot, Issue 3

In Issue 3 of Mandiant’s Cyber Snapshot, WRVB Cybersecurity and Data Privacy Practice Group Leader Beth Waller explains the nuances of incident response (IR) coverage and urges careful examination of specimen policies before you buy. “A careful read of your… Read more

March 16, 2023 | Cybersecurity & Data Privacy

Beth Waller Highlights Uniqueness of Virginia Consumer Data Protection Act (VCDP)

In an article published on March 3 on Law.com, Beth Waller discusses the similarities and differences between California and Virginia data privacy laws. Virginia’s Consumer Data Protection Act (VCDPA), which went into effect on January 1, 2023, provides Virginia residents… Read more

March 14, 2023 | Cybersecurity & Data Privacy

Reviewing Online Tracking Technologies Could Keep HIPAA-Regulated Entities Out of Hot Water

By Elizabeth Barry Heddleston

A patient surfs a hospital system’s website and reads an article about depression and anxiety. The patient then searches the hospital’s website for mental health providers in the area. A few hours later, the patient logs into her social media… Read more

March 8, 2023 | Cybersecurity & Data Privacy | Health Law

HIPAA Security Rule: What are “Recognized Security Practices” and why are they important?

By Elizabeth Barry Heddleston

A strong cybersecurity program can help defend against cyber attacks and protect sensitive patient data. Thanks to a 2021 amendment of the HITECH Act, when a breach occurs, it can also reduce enforcement penalties. The amendment affords regulatory protection to… Read more

November 10, 2022 | Cybersecurity & Data Privacy | Health Law

Biometric Privacy Trial Is a Milestone in Privacy Law

By Elizabeth Burgin Waller

Generally, biometric privacy laws seek to protect the unique attributes of human beings that could be leveraged to access sensitive information about them, such as fingerprints and the measurements utilized for facial recognition technologies. Illinois has emerged as a… Read more

October 25, 2022 | Cybersecurity & Data Privacy

Ransomware — What it is, how to avoid it, and what to do if you are infected.

By Jonathan V. Gallo

Ransomware has been one of the top cyber threats in the past several years. Thanks to the WannaCry attack of 2017 and others, most people have heard of this type of cyber threat, but many do not know how it… Read more

October 14, 2022 | Cybersecurity & Data Privacy

Why You Need to Enable MFA For Your Business Now

By Jonathan V. Gallo

Creating passwords needs to be a challenge, not for you to remember but for others to guess. Yet, the digital world is changing. A single sign-on password is pretty easy for unsavory characters to hack. Statistics indicate in 2021, there… Read more

October 10, 2022 | Cybersecurity & Data Privacy | Technology Roundup

A New Day for Data Privacy: California Privacy Act Exemptions Will Expire

By Elizabeth Burgin Waller, Elaine D. McCafferty

January 1, 2023, is now a more ominous deadline in the data privacy compliance world. Privacy professionals have been watching California’s 2022 legislative session to see whether California Consumer Privacy Act (CCPA) exemptions for employee data and business-to-business communications would… Read more

September 1, 2022 | Cybersecurity & Data Privacy

Internal Inferences Must Be Disclosed to Consumers Under CCPA

By Elizabeth Burgin Waller

In an opinion released on March 10, 2022, California Attorney General Rob Bonta addressed the applicability of the “right to know” under the California Consumer Privacy Act (CCPA) (pdf) to internal inferences that organizations develop about individuals. The opinion clarified… Read more

April 15, 2022 | Cybersecurity & Data Privacy

Proposed SEC Cybersecurity Rules Require Public Companies to Act Now

By Elizabeth Burgin Waller

This month, the Securities and Exchange Commission (SEC) proposed new cybersecurity disclosure rules for publicly traded companies. The comment period is ongoing, but the take-away for public companies is immediate: a public company (no matter how large or small) needs… Read more

March 24, 2022 | Cybersecurity & Data Privacy

Cybersecurity & Data Privacy