{ Banner Image }

Showing 24 posts by Amanda J. Dernovshek.

Michigan Marijuana Retailers: Data Privacy and Cybersecurity Risks

More than 30 states have legalized medical marijuana and more than 10 have legalized marijuana for recreational use, including Michigan in a 2018 ballot proposal. Marijuana retailers have significant issues to address as the industry and the rules governing it mature over time. Among those issues, retailers should not overlook data privacy and cybersecurity issues.   Read More ›

Categories: Cybersecurity, Electronic Health Records, HIPAA

SEC-Regulated Companies Should Address Cybersecurity to Avoid Enforcement Risks

If 2018 was any indication, cybersecurity compliance should be high on the list of SEC-regulated companies’ priorities in 2019. Take, for example, the SEC’s 2018 enforcement action against Voya Financial Advisor, Inc. (“Voya”) for violation of the Red Flags Rule, which resulted in a $1 million settlement. Read More ›

Categories: Compliance, Cybersecurity

Are Boards of Directors Responsible for Cybersecurity?

Whose responsibility within a company is cybersecurity? Should key decisions fall to IT, or should higher management be involved more heavily in day-to-day cybersecurity risk management? Given the large fines and compliance obligations facing companies today, it’s probably obvious to most that data privacy and security is not just a technology issue. Read More ›

Categories: Cybersecurity, Digital Assets

Ohio Enacts Unique Safe Harbor to Reduce Data Breach Litigation Risks

On November 2, 2018, Ohio became the most recent state to update its data breach laws by enacting the Ohio Data Protection Act. Read More ›

Categories: Cybersecurity, Digital Assets