Do Companies Need a Written Security Information Plan?

From JDSupra, Angela Hsu and Jena Valdetero provide terrific guidance on a written information security plan. Angela and Jean write:   Do Companies Need a Written Security Information Plan? After a security breach occurs, customers, the media, regulators, and other interested parties routinely ask what measures the organization took to prevent the breach in the first […]

Massachusetts Attorney General says you must practice what you preach 

From JDSupra, International Lawyers Network reports on a case in which a company had a Written Information Security Program (WISP) but did not follow it. They report: Having a WISP is not enough to comply with data security standards In the first public settlement of its kind related to violations of the new Massachusetts Standards […]

With Massachusetts’ Consumer Data Privacy Bill Still Under Consideration, Student Data Privacy Class Action Fails In Federal Court 

From JDSupra, Melanie Conroy, discusses a recent case in which a data privacy class was dismissed but it would not have been under a proposed laws. Melanie writes: As we have recently reported, the Massachusetts legislature is currently considering a comprehensive data privacy law that would create a private right of action for consumers who allege […]