Federal Trade Commission

A recent settlement filed by the Federal Trade Commission (FTC) and GoodRx may merit a review of your cyber insurance coverages. Earlier this month, the FTC took enforcement action for the first time under its Health Breach Notification Rule against the telehealth and prescription drug provider, GoodRx, for failing to notify consumers of its unauthorized disclosures of personal health information.

As detailed in a February 27 Hunton client alert, the Health Breach Notification Rule generally requires that vendors not covered by the Health Insurance Portability and Accountability Act (HIPAA) of personal health records give notice in the event of a “breach of security,” which is defined to include “unauthorized acquisition” of personal health records.
Continue Reading Recent FTC Enforcement Action Merits Cyber Insurance Coverage Review

On October 25, 2016, the Federal Trade Commission released a guide for businesses on how to handle and respond to data breaches. The 16-page guide details steps businesses should take once they become aware of a potential breach. The guide also underscores the need for cyber-specific insurance to help offset potentially significant response costs.
Continue Reading FTC Issues Data Breach Guide for Businesses, Confirming Uninsured Breach Response Will be Costly