The following excerpt is part of a series of blog posts on topics that will be discussed at the NCBA Privacy and Data Security Section Annual CLE. If you are interested in learning more, then please join us. Register for the program here.

Imagine it is a Friday afternoon. A doctor at the hospital you work for as in-house counsel or as outside counsel to the hospital calls you in a frenzy. All her computers are locked up by some malicious software demanding a ransom. The ransom note says patient records will be sold if she does not pay the ransom. She asks what she should do next: should she pay the ransom? Should she contact law enforcement? Is she going to need to notify her patients or government officials or the medical board?

The U.S. privacy laws are a patchwork of state and federal regulations. Whether you practice in the privacy and data security space or not, these issues will likely one day affect your organization where you work as in-house counsel or your clients calling you as outside counsel for help. In this digital world we live in, all attorneys can benefit from understanding the basics of how to respond to an alleged security incident.

October 19, 2021/by Privacy and Data Security