Privacy and Cybersecurity
Contact: Dena M. Castricone, Chair
The global technological advances that have enabled increased accessibility, transferability and collectability of data have also generated significant risks and obligations. The growing body of law governing data protection and the dramatic uptick in criminal cyber attacks have businesses across all industries on edge. Murtha Cullina's Privacy and Cybersecurity Group provides the full complement of services necessary to help clients mitigate risk and operate in this new, and ever more challenging reality. Our interdisciplinary team is composed of attorneys from all of our practice areas who stand ready to guide clients through these complex legal and practical challenges.
We provide the following services:
Data Breach Response, Coaching and Crisis Management
- Manage all aspects of data breach response, including compliance with multi-jurisdictional reporting and notification laws
- Partner with forensics and logistics experts to expedite response and mitigate damage
- Assess insurance coverage for cybersecurity incidents
Litigation/Government Investigations
- Data breach litigation
- Represent clients in investigations by the Office of Civil Rights, the Federal Trade Commission and State Attorneys General
Prevention and Planning
- Create written information security plans
- Draft policies and counsel businesses on regulatory compliance with privacy and security requirements including HIPAA, HITECH, Red Flag Rules, Gramm Leach Bliley, NYDFS Cybersecurity Regulation, and the General Data Protection Regulation
- Develop guidelines for document retention policies
- Advise on incident response, disaster recovery and breach continuity plans
- Develop social media policies, privacy policies and terms of use for websites and mobile apps
- June 22, 2018 - Privacy and Cybersecurity Group News: SCOTUS Requires Warrant for Cell Phone Location Records
- June 15, 2018 - Privacy and Cybersecurity Group News: OCR Issues Guidance on the Use of HIPAA Authorizations for Research
- May 25, 2018 - Privacy and Cybersecurity Group News: Three Important Considerations For All Businesses in Light of GDPR
- May 23, 2018 - Privacy and Cybersecurity Group News: Hospital Servers Infected with Malware for Over a Year Affect More than 500,000
- May 16, 2018 - Privacy and Cybersecurity Group News: DHS Issues Cybersecurity Strategy
- May 14, 2018 - Privacy and Cybersecurity Group News: Uber Catches Break in Data Breach Class Action
- April 11, 2018 - Privacy and Cybersecurity Group News: GAO Says CMS Must Do More to Protect Medicare Info
- April 1, 2018 - Privacy and Cybersecurity Group News: And Alabama Makes 50
- March 29, 2018 - Privacy and Cybersecurity Group News: D.C. Circuit Reins in FCC's Overbroad TCPA Interpretations
- March 22, 2018 - Privacy and Cybersecurity Group News: South Dakota is the 49th State to Enact a Breach Notification Law
- March 9, 2018 - Privacy and Cybersecurity Group News: The Standing Struggle in Data Breach Litigation Continues
- June 27, 2018 - Privacy and Cybersecurity Group News: Yahoo to Pay $80 Million to Settle Securities Class Action Based on Data Breaches
- March 2, 2018 - Privacy and Cybersecurity Group News: Welcomed Draft Commentary from the Sedona Conference on BYOD
- February 26, 2018 - Privacy and Cybersecurity Group News: SEC Issues New Cybersecurity Disclosure Guidance for Public Companies
- February 14, 2018 - Privacy and Cybersecurity Group News: Out-of-Business File Storage Company Paid $100K for Alleged HIPAA Violations
- January 22, 2018 - Privacy and Cybersecurity Group News: Can't This Just Be Over? Standing In Cybersecurity Claims
- January 8, 2018 - Privacy and Cybersecurity Group News: FTC Settles with Children's Electronic Toy Maker for Security Program Issues
- January 5, 2018 - Privacy and Cybersecurity Group News: Vulnerabilities to Most Computer Processors Revealed
- December 13, 2017 - Privacy and Cybersecurity Group News: 'Tis the Season: W-2 Phishing Scams Likely to Resurface After the New Year
- November 17, 2017 - Privacy and Cybersecurity Group News: No First Amendment Privacy Protection from Grand Jury Subpoena for Identity of Anonymous Reviewers on Glassdoor.com
- November 8, 2017 - Privacy and Cybersecurity Group News: National Data Breach Notification Law Proposed
- October 27, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #5
- October 23, 2017 - Privacy and Cybersecurity Group News: Feds Warn of Critical Infrastructure Attacks as CT Releases Report on Utility Company Cyber-Readiness
- October 21, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #4
- October 19, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #3
- October 18, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #2
- October 13, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #1
- October 3, 2017 - Privacy and Cybersecurity Group News: Legislature Addresses Ransomware Threat With Criminal Penalties
- July 19, 2017 - Municipal Group News: Municipalities Under Connecticut's New Cybersecurity Strategy
- July 18, 2017 - Information Security & Privacy and Health Care Group News: Protecting Data: Vendors May Be Your Weakest Link
- June 28, 2017 - Health Care & Long-Term Care Group News: Data Breaches Most Expensive For Health Care Industry But Precautionary Measures Can Keep Costs Down
- May 16, 2017 - Information Security and Privacy Group News: Five Things You Can Do to Protect Your Business From a Cyber Attack
- January 30, 2017 - Information Security and Privacy Group News: Phishing Alert: Employee W-2 Information at Risk
- August 18, 2016 - Information Security and Privacy Group News: Is Your Student Information Adequately Protected?
- March 31, 2016 - Information Security and Privacy Group News: Cities and Towns Being Targeted by Hackers: Connecticut Municipalities Must Follow Data Breach Laws
- March 24, 2016 - Information Security and Privacy Group News: Cybersecurity Conference Essential Take-Aways Government, Industry and Legal Perspectives
- December 22, 2015 - Information Security and Privacy News: Critical Cybersecurity Policies and Practices After the Settlement Order in FTC v. Wyndham Worldwide Corp.
- October 27, 2015 - Information Security and Privacy Group News: The Increased Risks of Not Protecting Customer Information in Data Breaches
- June 11, 2015 - Information Security and Privacy Group News: Connecticut's Data Security Law Expands
- March 23, 2015- The Anthem data breach and the response of Connecticut's legislature
- October 6, 2014 - Article by Robert J. Munnelly, Jr. in the Hartford Business Journal
- August 2014 - Information Security and Privacy Group News
- DID YOU KNOW? January 28, 2014 is "Data Privacy Day"
- Proceed with Caution: Security Breaches put Damper on 2013/14 Holiday Season
- HR Professionals: Simple Steps That Can Help Your Company Avoid Becoming A Data Breach Headline
- Connecticut Attorney General Seeks Enforcement Against Citibank for Information Security Breach
- Key Lessons From Serving on a Cybersecurity Panel at a Recent Conference
- Concerns With Using "Cloud" Document Sites for Confidential or Proprietary Information
- National Data Privacy Day
- Information Security and Privacy Update, September 2012
- Massachusetts Provider to Pay $1.5 Million to Resolve HIPAA Violations
- Murtha Cullina LLP Formalizes Information Security and Privacy Group
- Vendors and Your Employees' Personal Information - New Identity Theft Measures Take Effect March 1, 2012
- June 12, 2018 - Half-Day Cybersecurity Conference: Threat Evaluation & Incident Response
- August 23, 2017 - Suzanne Brown Walsh to speak on Fiduciary Access to Digital Assets to the IRS Estate and Gift Tax Group in New Carrollton, MD
- June 22, 2017 - H. Kennedy Hudner, Burt Cohen and Stephanie Sobkowiak to present at "Sales of Goods, Software/Cloud Licensing, Indemnifications, Cyber Security Issues in Contracting" CLE
- June 7, 2017 - Cyber Security Conference: Protecting our Businesses, State and Nation
- May 24, 2017 - Suzanne Brown Walsh to present on "Fiduciary Access to Digital Assets" at Fiduciary & Investment Risk Management Association's National Conference
- May 5, 2017 - Suzanne Brown Walsh to present on Fiduciary Access to Digital Assets to the Arapahoe county (CO) Bar in NYC
- March 4, 2016 - Cyber Security Half-Day Conference Protecting Your Digital Assets: Government, Industry and Legal Perspectives
Description
Contact: Dena M. Castricone, Chair
The global technological advances that have enabled increased accessibility, transferability and collectability of data have also generated significant risks and obligations. The growing body of law governing data protection and the dramatic uptick in criminal cyber attacks have businesses across all industries on edge. Murtha Cullina's Privacy and Cybersecurity Group provides the full complement of services necessary to help clients mitigate risk and operate in this new, and ever more challenging reality. Our interdisciplinary team is composed of attorneys from all of our practice areas who stand ready to guide clients through these complex legal and practical challenges.
We provide the following services:
Data Breach Response, Coaching and Crisis Management
- Manage all aspects of data breach response, including compliance with multi-jurisdictional reporting and notification laws
- Partner with forensics and logistics experts to expedite response and mitigate damage
- Assess insurance coverage for cybersecurity incidents
Litigation/Government Investigations
- Data breach litigation
- Represent clients in investigations by the Office of Civil Rights, the Federal Trade Commission and State Attorneys General
Prevention and Planning
- Create written information security plans
- Draft policies and counsel businesses on regulatory compliance with privacy and security requirements including HIPAA, HITECH, Red Flag Rules, Gramm Leach Bliley, NYDFS Cybersecurity Regulation, and the General Data Protection Regulation
- Develop guidelines for document retention policies
- Advise on incident response, disaster recovery and breach continuity plans
- Develop social media policies, privacy policies and terms of use for websites and mobile apps
News & Alerts
- June 22, 2018 - Privacy and Cybersecurity Group News: SCOTUS Requires Warrant for Cell Phone Location Records
- June 15, 2018 - Privacy and Cybersecurity Group News: OCR Issues Guidance on the Use of HIPAA Authorizations for Research
- May 25, 2018 - Privacy and Cybersecurity Group News: Three Important Considerations For All Businesses in Light of GDPR
- May 23, 2018 - Privacy and Cybersecurity Group News: Hospital Servers Infected with Malware for Over a Year Affect More than 500,000
- May 16, 2018 - Privacy and Cybersecurity Group News: DHS Issues Cybersecurity Strategy
- May 14, 2018 - Privacy and Cybersecurity Group News: Uber Catches Break in Data Breach Class Action
- April 11, 2018 - Privacy and Cybersecurity Group News: GAO Says CMS Must Do More to Protect Medicare Info
- April 1, 2018 - Privacy and Cybersecurity Group News: And Alabama Makes 50
- March 29, 2018 - Privacy and Cybersecurity Group News: D.C. Circuit Reins in FCC's Overbroad TCPA Interpretations
- March 22, 2018 - Privacy and Cybersecurity Group News: South Dakota is the 49th State to Enact a Breach Notification Law
- March 9, 2018 - Privacy and Cybersecurity Group News: The Standing Struggle in Data Breach Litigation Continues
- June 27, 2018 - Privacy and Cybersecurity Group News: Yahoo to Pay $80 Million to Settle Securities Class Action Based on Data Breaches
- March 2, 2018 - Privacy and Cybersecurity Group News: Welcomed Draft Commentary from the Sedona Conference on BYOD
- February 26, 2018 - Privacy and Cybersecurity Group News: SEC Issues New Cybersecurity Disclosure Guidance for Public Companies
- February 14, 2018 - Privacy and Cybersecurity Group News: Out-of-Business File Storage Company Paid $100K for Alleged HIPAA Violations
- January 22, 2018 - Privacy and Cybersecurity Group News: Can't This Just Be Over? Standing In Cybersecurity Claims
- January 8, 2018 - Privacy and Cybersecurity Group News: FTC Settles with Children's Electronic Toy Maker for Security Program Issues
- January 5, 2018 - Privacy and Cybersecurity Group News: Vulnerabilities to Most Computer Processors Revealed
- December 13, 2017 - Privacy and Cybersecurity Group News: 'Tis the Season: W-2 Phishing Scams Likely to Resurface After the New Year
- November 17, 2017 - Privacy and Cybersecurity Group News: No First Amendment Privacy Protection from Grand Jury Subpoena for Identity of Anonymous Reviewers on Glassdoor.com
- November 8, 2017 - Privacy and Cybersecurity Group News: National Data Breach Notification Law Proposed
- October 27, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #5
- October 23, 2017 - Privacy and Cybersecurity Group News: Feds Warn of Critical Infrastructure Attacks as CT Releases Report on Utility Company Cyber-Readiness
- October 21, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #4
- October 19, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #3
- October 18, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #2
- October 13, 2017 - Privacy and Cybersecurity Group News: Cybersecurity Month Tip #1
- October 3, 2017 - Privacy and Cybersecurity Group News: Legislature Addresses Ransomware Threat With Criminal Penalties
- July 19, 2017 - Municipal Group News: Municipalities Under Connecticut's New Cybersecurity Strategy
- July 18, 2017 - Information Security & Privacy and Health Care Group News: Protecting Data: Vendors May Be Your Weakest Link
- June 28, 2017 - Health Care & Long-Term Care Group News: Data Breaches Most Expensive For Health Care Industry But Precautionary Measures Can Keep Costs Down
- May 16, 2017 - Information Security and Privacy Group News: Five Things You Can Do to Protect Your Business From a Cyber Attack
- January 30, 2017 - Information Security and Privacy Group News: Phishing Alert: Employee W-2 Information at Risk
- August 18, 2016 - Information Security and Privacy Group News: Is Your Student Information Adequately Protected?
- March 31, 2016 - Information Security and Privacy Group News: Cities and Towns Being Targeted by Hackers: Connecticut Municipalities Must Follow Data Breach Laws
- March 24, 2016 - Information Security and Privacy Group News: Cybersecurity Conference Essential Take-Aways Government, Industry and Legal Perspectives
- December 22, 2015 - Information Security and Privacy News: Critical Cybersecurity Policies and Practices After the Settlement Order in FTC v. Wyndham Worldwide Corp.
- October 27, 2015 - Information Security and Privacy Group News: The Increased Risks of Not Protecting Customer Information in Data Breaches
- June 11, 2015 - Information Security and Privacy Group News: Connecticut's Data Security Law Expands
- March 23, 2015- The Anthem data breach and the response of Connecticut's legislature
- October 6, 2014 - Article by Robert J. Munnelly, Jr. in the Hartford Business Journal
- August 2014 - Information Security and Privacy Group News
- DID YOU KNOW? January 28, 2014 is "Data Privacy Day"
- Proceed with Caution: Security Breaches put Damper on 2013/14 Holiday Season
- HR Professionals: Simple Steps That Can Help Your Company Avoid Becoming A Data Breach Headline
- Connecticut Attorney General Seeks Enforcement Against Citibank for Information Security Breach
- Key Lessons From Serving on a Cybersecurity Panel at a Recent Conference
- Concerns With Using "Cloud" Document Sites for Confidential or Proprietary Information
- National Data Privacy Day
- Information Security and Privacy Update, September 2012
- Massachusetts Provider to Pay $1.5 Million to Resolve HIPAA Violations
- Murtha Cullina LLP Formalizes Information Security and Privacy Group
- Vendors and Your Employees' Personal Information - New Identity Theft Measures Take Effect March 1, 2012
Seminars & Events
- June 12, 2018 - Half-Day Cybersecurity Conference: Threat Evaluation & Incident Response
- August 23, 2017 - Suzanne Brown Walsh to speak on Fiduciary Access to Digital Assets to the IRS Estate and Gift Tax Group in New Carrollton, MD
- June 22, 2017 - H. Kennedy Hudner, Burt Cohen and Stephanie Sobkowiak to present at "Sales of Goods, Software/Cloud Licensing, Indemnifications, Cyber Security Issues in Contracting" CLE
- June 7, 2017 - Cyber Security Conference: Protecting our Businesses, State and Nation
- May 24, 2017 - Suzanne Brown Walsh to present on "Fiduciary Access to Digital Assets" at Fiduciary & Investment Risk Management Association's National Conference
- May 5, 2017 - Suzanne Brown Walsh to present on Fiduciary Access to Digital Assets to the Arapahoe county (CO) Bar in NYC
- March 4, 2016 - Cyber Security Half-Day Conference Protecting Your Digital Assets: Government, Industry and Legal Perspectives
