United States:
FTC Finds Lab's Data Security Practices Unreasonable
15 September 2016
by
Daniel J. McLoon
,
Mauricio Paez
,
Jonathon Little
,
Kevin Lyles
,
Todd McClelland
,
Jeff Rabkin
,
Adam Salter
,
Michiru Takahashi
,
Undine Von Diemar
,
Olivier Haas
,
Jörg Hladjk
,
Richard Johnson
,
Anand Varadarajan
and
Nicole Perry
Jones Day
To print this article, all you need is to be registered or login on Mondaq.com.
On July 28, the Federal Trade Commission ("FTC")
issued a unanimous opinion holding that LabMD,
Inc.'s data security practices were "unreasonable"
and lacked "even basic precautions to protect the sensitive
consumer information maintained on its computer system,"
constituting unfair practices under Section 5 of the FTC Act.
Specifically, the FTC found that LabMD failed to protect its
computer network or employ adequate risk assessment tools, failed
to provide data security training to its employees, and failed to
adequately restrict and monitor the computer practices of
individuals using its network. The Final Order directs LabMD to undertake
remedial measures and imposes a 20-year reporting requirement.
The content of this article is intended to provide a general
guide to the subject matter. Specialist advice should be sought
about your specific circumstances.
POPULAR ARTICLES ON: Privacy from United States
Atlas Data And Daniel's Law
Klein Moynihan Turco LLP
Readers of this blog are well aware of the recent surge in data privacy litigation. In February 2024, Atlas Data Privacy Corporation ("Atlas Data")...
Why Data Cleanup Fails – Part Three: Process
Alvarez & Marsal
This includes the very real, tangible and increasingly significant regulatory and legal drivers (e.g., fines) organizations face, and the wider, growing cultural assumptions among customers...