New cybersecurity regulations issued by the NYDFS define the nonpublic information they regulate in exceptionally broad terms. This expanded definition of Nonpublic Information will create major challenges for regulated companies and their third-party service providers that will likely ripple through other ancillary industries.
New York’s Cybersecurity Requirements Pose Multi-Year Compliance Challenges
By McDermott Will & Emery, Michael G. Morgan, Mark E. Schreiber and Scott Weinstein on September 20, 2017
Posted In Cybersecurity, Data Privacy
McDermott Will & Emery
Michael G. Morgan
Michael Morgan is a leader of the Firm’s Global Privacy and Cybersecurity practice. Recognized as one of the nation’s leading lawyers in cyber incident response, Mike has guided clients through some of the largest and most complex data breaches, including state-sponsored attacks, breaches involving more than 50 million records, and incidents affecting persons in more than 100 countries around the world. He represents clients in the defense of breach-related government investigations and class action litigation as well as pre-breach planning and post-breach remediation. Read Michael Morgan's full bio.
Mark E. Schreiber
Mark E. Schreiber focuses his practice on cybersecurity, data breach response and global privacy coordination. He advises entities facing cross-border data protection, Privacy Shield and related issues, strategic decisions, and investigations. Mark has led numerous multi-national and cross-border matters, including those involving data breaches, and has advised senior management, boards, and special board committees on a variety of investigations, including data breach prevention and response. Mark is a leader of the Firm’s Global Privacy and Cybersecurity practice. Read Mark Schreiber's full bio.
Scott Weinstein
Scott A. Weinstein provides legal counsel on health care regulatory compliance, contracting and transactional due diligence, with a focus on health information privacy and security, Medicare and Medicaid's health information technology and quality reporting requirements, and clinical research regulations. Scott additionally provides legal counsel on federal and state privacy and data protection laws, with a focus on privacy audits and the development of internal and externally facing privacy policies for websites and mobile applications. Read Scott Weinstein's full bio.
Michael G. Morgan
Michael Morgan is a leader of the Firm’s Global Privacy and Cybersecurity practice. Recognized as one of the nation’s leading lawyers in cyber incident response, Mike has guided clients through some of the largest and most complex data breaches, including state-sponsored attacks, breaches involving more than 50 million records, and incidents affecting persons in more than 100 countries around the world. He represents clients in the defense of breach-related government investigations and class action litigation as well as pre-breach planning and post-breach remediation. Read Michael Morgan's full bio.
Mark E. Schreiber
Mark E. Schreiber focuses his practice on cybersecurity, data breach response and global privacy coordination. He advises entities facing cross-border data protection, Privacy Shield and related issues, strategic decisions, and investigations. Mark has led numerous multi-national and cross-border matters, including those involving data breaches, and has advised senior management, boards, and special board committees on a variety of investigations, including data breach prevention and response. Mark is a leader of the Firm’s Global Privacy and Cybersecurity practice. Read Mark Schreiber's full bio.
Scott Weinstein
Scott A. Weinstein provides legal counsel on health care regulatory compliance, contracting and transactional due diligence, with a focus on health information privacy and security, Medicare and Medicaid's health information technology and quality reporting requirements, and clinical research regulations. Scott additionally provides legal counsel on federal and state privacy and data protection laws, with a focus on privacy audits and the development of internal and externally facing privacy policies for websites and mobile applications. Read Scott Weinstein's full bio.
Related Posts
- NYDFS—First Enforcement Action under Cybersecurity Regulation
- Pressure Points: OCR Enforcement Activity in 2014
- C-Suite – Changing Tack on the Sea of Data Breach?
- Digital Health 101: OCR Issues Resources to Educate Patients on Telehealth, PHI
- Top Takeaways | Cybersecurity & Insurance Coverage in the Age of Telehealth: Understanding and Mitigating Your Risk