Spencer Fane LLP Logo

Shawn Tuma

Partner

Spencer Fane attorney Shawn Tuma

T 972.324.0317
F 972.324.0301
stuma@spencerfane.com

One Key Takeaway from $3 Million Penalty by HHS for Exposing 300,000 Patient Records

The United States Department of Health and Human Services reached an agreement with Touchstone Medical Imaging in which Touchstone agreed to pay $3 million and adopt a corrective action plan in the wake of its data breach that exposed over 300,000 patients’ protected health information.

ABA Explains Lawyers’ Ethical Obligations for Data Security and Data Breach

Lawyers, like others in business, must comply with the data security and data breach notification laws of the 50 states that are applicable to their practices. But, according to the American Bar Association, their obligations do not end there. On October 17, 2018, the ABA issued Ethics Opinion 483 titled Lawyers’ Ethical Obligations After an Electronic Data Breach or Cyberattack

Yahoo! Data Breach Settlement Increases Risk for Companies’ Directors and Officers

The recent Yahoo! settlement marks a substantial step in data breach shareholder derivative litigation that increases the risk for officers and directors of companies that have a data breach. On January 9, 2019, Yahoo! Agreed to pay a total of $29 million to its shareholders to settle a lawsuit against several former directors and officers alleging that their poor management of the company led to the data breaches which substantially impacted the company’s value.

Texas Businesses Must Implement and Maintain Reasonable Cybersecurity Safeguards According to State Attorney General

Texas law requires businesses to implement and maintain reasonable cybersecurity, which they should do so with a written program for managing cyber risk and protecting sensitive customer information. This warning came from the state’s Attorney General following his office’s $1.5 Million settlement with Neiman Marcus over its 2013 data breach.

Cyber Hygiene Checklist

“[T]he relevant inquiry here is a cost-benefit analysis, that considers a number of relevant factors, including the probability and expected size of reasonably unavoidable harms to consumers given a certain level of cybersecurity and the costs to consumers that would arise from investment in stronger cybersecurity.”
– FTC v. Wyndham, (3rd Cir. Aug. 24, 2015)

Protect Your Company Against W-2 Business Email Compromise Attacks During Tax Season

The most likely “cyber attack” that your company will face will come in the form of an email. One of the most common forms of email attack is the business email compromise (BEC) and the most popular time of the year for the W-2 version of BEC is right now — tax season.

Cyber Incident Response Checklist

“Firms must adopt written policies to protect their clients’ private information . . . they need to anticipate potential cybersecurity events and have clear procedures in place rather than waiting to react once a breach occurs.”
– S.E.C. v. R.T. Jones Capital Equities Mgt.