Kirk J. Nahra

Firm(s): 

Articles:

  • Friday, August 2, 2013
    Cybersecurity is a hot buzz word in Washington these days. Congress debates the impact of cybersecurity risks on a wide range of national concerns. The U.S. Food and Drug Administration (FDA) warns about the risk of cyber attacks on medical devices. The White House is implementing an Executive Order (EO) to develop a cybersecurity framework. The...
  • Friday, January 13, 2012
    Businesses may wish to take special note of the First Circuit's October 20 decision in Anderson v. Hannaford Brothers Co. (2011 U.S. App. Lexis 21239), because it could well open the door for class actions against companies that suffer data breaches. Thus, it may signal an end to the heretofore consistent rulings foreclosing such litigation. The...
  • Monday, May 2, 2011
    Editor: Please tell our readers about your practice area.
  • Tuesday, July 1, 2008
    Part I of this article, which can be found on our website at www.metrocorpcounsel.com, introduced the need for companies in all industries to conduct a privacy and information security risk assessment and identified some of the preliminary steps for this assessment. Part II of this article describes the remaining steps necessary for a thorough and...
  • Sunday, June 1, 2008
    Part 1 of this Article introduces the need for companies in all industries to conduct a privacy and information security risk assessment, and identifies some of the preliminary steps for this assessment. Part II of this Article will identify the remaining steps necessary for a thorough and effective assessment.
  • Thursday, February 1, 2007
    As we begin the new year, maintaining appropriate security protections for personal information should be a high priority in 2007 for companies in all industries. Data security, which vaulted to prominence in 2006 in the overall context of information regulations, has emerged as a critical area where active enforcement, ongoing breach problems and varied...
  • Thursday, September 1, 2005
    The Federal Trade Commission's recent settlement with BJ's Wholesale Club makes an effective security program a national requirement for any company that holds personal information, regardless of industry or specific statutory or regulatory requirements. To the FTC, a failure to develop and implement an effective information security program constitutes an...
  • Tuesday, March 1, 2005
    2005 promises to be a year of significant activity on privacy and security issues, both in terms of new obligations and enforcement of older rules. For the health care industry, these developments fall into two primary categories - those that affect health care entities exclusively and those that encompass the health care industry within a wider range of...
  • Wednesday, December 1, 2004
    Since the passage of the original Sentencing Guidelines for Organizations in 1991, organizations of all sorts have focused on the need to develop and implement effective corporate compliance programs. Now, through a series of independent but simultaneous legal developments, for the first time since 1991, there is a broad-based and focused effort to...