InfoTech WNY Member and Lincoln Archives President, Bill Palisano, Responds to Cybersecurity Court Ruling Appeal.
InfoTech WNY Member and Lincoln Archives President, Bill Palisano, Responds to Cybersecurity Court Ruling Appeal.
Federal appeals court rules consumers may sue companies that fail to protect personal data
InfoTech WNY member and Lincoln Archives president, Bill Palisano, recently responded to a federal appeals court ruling that dramatically changed the corporate responsibility to protect personal data. A federal appeals court in Washington, D.C. ruled in Attias v. CareFirst that consumers may sue companies that fail to safeguard their personal data. With a new cyber-attack at the top of the headlines seemingly every week, Palisano explains “This ruling is a game-changer for all industries that collect and store people’s personal data and will likely open up a flood of litigation related to data protection. Due to this, it is critical that companies protect themselves when it comes to protecting the personal information of employees, clients, patients, vendors, etc., as open season for lawsuits has the potential to devastate established brands and bury small businesses.”
CareFirst, a health insurance company based in Boston, MA, disclosed it was the victim of a cyber-attack almost a year later that it occurred resulting in a breach affecting 1.1 million individuals. As it is often the case following large data breaches, a class action lawsuit was filed on behalf of individuals whose data was impacted. However, the district court ruled in 2016 that the plaintiffs could not prove they’d been harmed by the security breach. On August 1, 2017, the appeals court agreed that the lower court was wrong to dismiss the case, and reinstated the class action lawsuit. The court determined that the risk of identity theft in itself established harm and sufficient standing for the case to proceed.
As president of North Buffalo-based Lincoln Archives, Palisano emphasizes the importance of companies keeping their data secure. Palisano and his team provide tools to help organizations secure themselves, implement processes to be used in the event of an attack, and immediately begin to mitigate problems in the event of a breach – including Lincoln Archives’ new partnership with CSR Professional Services, Inc., and its CSR Readiness® Pro Edition which guides companies through the rigorous, state-by-state requirements if data is compromised.
“In the event of a breach, you can’t stop anyone from suing you, but you can certainly put yourself in the position to make a strong defense,” said Palisano. “Keeping your systems buttoned up, your processes in place, and your mitigation program well thought out – all of which either one, keep you and your customers, vendors, and employees protected, or, two, acts as proof that you’re doing whatever you can to protect their data.”