Apr. 17, 2019

Guidelines for Securing Effective Cyber Insurance Policy Terms

With no end in sight to high-profile cyber attacks, more companies are taking out insurance against an incident. While insurance does not mitigate all of an organization’s cyber risk, it is one way to manage it. This guide outlines steps and considerations for securing the right policy terms and amount of coverage, and receiving the optimal payment and services from the insurance company after an incident. See our three-part series on using cyber insurance to mitigate risk: “From Assessing the Need to Managing Existing Policies” (Oct. 3, 2018); “Getting Savvy About Cost and Policy Terms” (Oct. 10, 2018); and “Policy Management and Breach Response” (Oct. 17, 2018).

China Establishes Certification Scheme for Mobile App Operators

Mobile apps continue to explode in popularity around the world, bringing with them critical privacy and data security concerns. China recently established a certification scheme for mobile app operators to show their compliance with standards issued in 2018 regarding the protection of personal information. BakerHostetler partner Sarah Zhao spoke with the Cybersecurity Law Report about the new scheme and how it fits in the larger framework of Chinese cybersecurity laws and regulations, best practices for compliance and the government’s enforcement efforts. See also “Understanding Data Privacy and Cybersecurity in China (Part One of Two)” (Sep. 7, 2016); Part Two (Sep. 21, 2016).

GPEN Report Highlights Key Areas for Data Privacy Improvement

A recent report from the Global Privacy Enforcement Network based on intelligence its member DPAs gathered from public and private organizations focused on data privacy accountability. GPEN found a “good understanding of the basic concepts of accountability” as to data privacy governance, but room for improvement in (1) keeping training updated and refreshed; (2) implementing measures to handle data subject complaints and inquiries; (3) monitoring adherence to applicable data protection standards. We analyze GPEN’s key findings, with insights from Ropes & Gray attorney Edward Machin. See also “Companies May Need to Re-Examine Approach to Breach Response Preparedness According to Experian Survey” (Mar. 26, 2019).

Blockchain Expert Joins Carlton Fields in Miami

Andrew (Drew) Hinkes has joined Carlton Fields in Miami as a partner in the firm’s blockchain and digital currency practice, where he advises blockchain, fintech, and financial services clients in corporate matters, including regulatory compliance and capital formation.