As more and more businesses require customers to submit sensitive personally identifiable information (PII) to provide goods or services – such as Social Security numbers, and birth dates – people are forced to trust that these companies will safely store their data. Unfortunately, that is not always the case.
There were 2,216 confirmed data breaches worldwide in 2017 alone. Data breaches affect companies of all sizes, with 58 percent of targets categorized as small businesses across a range of industries, including health care, education, and financial services.
While data breaches that dominate the news tend to involve the massive corporations and tens of millions of victims, a smaller data breach of a local business that affects people in a limited geographic area is more likely to come across the desk of most attorneys. Three types of data breaches frequently occur in local communities: phishing emails to office staff, employees improperly accessing medical records, or hackers deploying ransomware. Although these data breaches may be “small” in scale, the impact on victims and local communities can be devastating.
Big data breaches grab headlines, but smaller-scale, localized ones occur frequently and have the same impact on consumers. Learn about the features of these breaches and how to handle them in the below article published by the American Association for Justice and written by Faraci Lange partner Hadley Matarazzo and Cohen & Malad attorney Lynn A. Toops.
Faraci Lange Partner, John A. Falk, recently settled an auto accident case for a Spencerport resident who suffered serious injuries on the right side of her body after her car was hit by an oncoming driver who had drifted into her lane. The driver’s negligence caused severe injuries to our client, who still suffers from tricompartmental arthritis in her right knee.
The client met the serious injury threshold, which is one of the criteria that an injured victim must prove in auto accident cases in the state of New York. Generally, this means that the client needs to have suffered a significant injury that can be objectively verified by a medical test or evaluation.
John Falk was able to negotiate a successful settlement for our client.
Faraci Lange has handled thousands of automobile accident cases and has vast experience in working with treating physicians to document serious injuries for purposes of meeting this threshold.
If you have suffered a serious injury as a result of an auto accident, or have questions or concerns regarding such personal injury claims, contact Faraci Lange today.
View more successful case stories here.
U.S. Food and Drug Administration‘s Commissioner Scott Gottlieb, M.D released a statement on Thursday, in which he discussed new steps to strengthen the safety oversight of Bayer AG’s Essure permanent birth-control device.
Earlier this year in July, Bayer decided to discontinue the sales and distribution of Essure in the U.S. after December 31st, 2018. This followed a series of FDA regulatory actions, including the decision to make Essure a restricted device due to safety concerns.
In the statement, Gottlieb announced the FDA’s plan to revise and strengthen its post-market study of Essure, which was originally ordered in 2016, to ensure that long-term safety information continues to be collected.
The revised study would now monitor women implanted with the Essure device for five years, instead of the previous three year requirement. The longer period of evaluation would provide the FDA with more long-term information on adverse risks of the device.
It would also require additional blood testing of patients enrolled in follow-up visits during the course of the study in order to better monitor potential immune reactions to the device.
Bayer will also be required to continue enrolling patients who opt to receive the Essure device and to submit reports more frequently on teh study’s progress.
Essure, which is the only permanent birth control device on the market that is not surgically implanted in women, has caused some cases of adverse events including persistent pain, allergic or hypersensitivity reactions, perforation of the uterus and/or fallopian tubes, and migration of inserts to the abdominal or pelvic cavity.
“I personally had the opportunity to meet with women who have been adversely affected by Essure to listen and learn about their concerns. Some of the women I spoke with developed significant medical problems that they ascribe to their use of the product. We remain committed to these women and to improving how we monitor the safety of medical devices, including those related to women’s health,” stated Gottlieb.
Click here to read the FDA’s statement.
To contact us about a potential defective medical device claim, please click here to complete an online form or call us at 888.325.5150 for a free consultation.
Faraci Lange Partner, Brian Zorn, recently settled a slip and fall accident case for a Brockport resident.
Our client was walking out of his Veterinary office when he slipped and fell on a patch of ice in the parking lot, causing him to break his left arm. The negligence made by the Veterinary office by not salting their parking lot has left our client with severe injuries. He has neuropathic pain, numbness, and functional loss in his left hand and fingers that he will not be able to get back.
Brian Zorn negotiated a favorable settlement and recovered the maximum amount possible for our client’s personal injuries.
Faraci Lange has been handling claims on behalf of individuals who have been seriously injured due to the negligence of establishment owners for 50 years. Our attorneys have vast experience in evaluating potential claims in this area and distinguishing those having a reasonable chance of success from those that do not.
To contact us about a Premises Liability, or slip and fall lawsuit, please click here or call us at (888) 325-5150 for a free consultation.
Vaccines serve the essential public health function of preventing serious and deadly diseases. Unfortunately, despite this essential function, a very small number of people can develop serious and sometimes deadly complications after vaccination.
To address this, in the 1980s, Congress created the National Vaccine Injury Compensation Program to provide a no-fault alternative to the traditional tort system.
As part of the Program, the Federal Government publishes a Vaccine Injury Table that lists the vaccines covered under the Program, the injuries that are recognized to be caused by each vaccine, and the time period within which the first symptom of each such condition should appear to give rise to a rebuttable presumption of causation.
Periodically, the Vaccine Injury Table is amended to add vaccines and/or injuries that are covered under the Program.
The latest amendment of the Vaccine Injury Table became effective on March 21, 2017. This amendment was significant in three ways:
- It added Guillain-Barre Syndrome (“GBS”) to the Table where the first symptoms present within 42 days of an influenza vaccination;
- It added Shoulder Injury Related to Vaccine Administration (“SIRVA”) to the Table where the first symptoms present within 48 hours of a vaccination for each covered vaccine;
- Pursuant to 42 U.S. Code § 300aa-16(b), people who developed GBS after an influenza vaccination or SIRVA after any covered vaccination after March 21, 2009 can bring an action under the Program on or before March 20, 2019.
Normally, a vaccine claim must be brought within three years of the first symptom or manifestation of a vaccine-related injury. For death cases, the claim must be brought within 2 years of the date of death. 42 U.S.C. § 300aa-16(a)(2).
However, the statute has a savings provision, 42 U.S.C. § 300aa-16(b), that permits people who were previously time barred from bringing a claim to file their actions within two years of an amendment to the vaccine injury table where such person was either not eligible prior to the amendment or where the amendment significantly increases the likelihood of compensation under the Program.
Based on the March 21, 2017 Table amendment, anyone who has developed GBS within 42 days of an influenza vaccination or SIRVA after any vaccination after March 21, 2009 are still eligible to file a claim. But they must file that claim before March 20, 2019, or be forever barred from doing so.
If you or someone you know developed GBS or SIRVA caused by a vaccine after March 2009, contact Faraci Lange at (585) 325-5150 immediately. We have the experience and knowledge in handling vaccine cases to help.
At Faraci Lange, we have experience in analyzing, preparing and filing vaccine claims for injured people. Our vaccine injury attorneys, Kathryn Lee Bruns and Matthew F. Belanger have successfully resolved numerous cases for people seriously injured from a vaccine.
On October 17, 2018, the American Bar Association issued its first formal opinion addressing the obligations of a lawyer who has been the victim of a data breach or cyberattack.
The opinion is Formal Opinion 483, titled “Lawyers Obligations After an Electronic Data Breach or Cyberattack”. Before discussing this opinion, it is important to have an understanding of a lawyers’ obligation with regard to her use of technology in providing legal services.
For the last decade, lawyers and the ABA have been grappling with a lawyer’s ethical obligations as they pertain to the constantly evolving use of technology. As noted in Formal Opinion 483, the model rules were amended in 2012 to address the use of technology. These amendments are referred to as the “Technology Amendments” and include the obligation to understand the risks and benefits of relevant technology (Model Rule 1.1) and the obligation to take reasonable measures to prevent inadvertent or unauthorized disclosure of information pertaining to the representation (Model Rule 1.6(c)). They also include the requirement that lawyers ensure their staff is likewise trained to and takes reasonable measures to prevent unauthorized disclosure of or access to this information (Model Rules 5.1 and 5.3).
On May 11, 2017, the ABA issued Formal Opinion 477, titled “Securing Communication of Protected Client Information”. The Committee sought to update the prior rule, Formal Opinion 99-413, which addressed a lawyer’s confidentiality obligations pertaining to emails with clients. While the Committee does not dictate what constitutes reasonable steps a lawyer must or should take to protect sensitive data, it does provide seven considerations to guide lawyers with regard to reasonable steps.
The Committee concludes that “a lawyer may transmit information related to the representation of a client over the Internet without violating the Model Rules of Professional Conduct where the lawyer has undertaken reasonable efforts to prevent inadvertent or unauthorized access.” In practice, there are several ways lawyer can seek to protect client information from inadvertent disclosure. For example, a lawyer can encrypt emails and attachments, password protect attachments or transmit correspondence and attachments using a secure FTP site.
A year and a half later, recognizing that data breaches and cyberattacks have affected and will continue to affect law firms, the Committee issued Formal Opinion 483 to address a lawyer’s ethical obligation if this occurs and information related to representation of a client is compromised. This Opinion picks up where Formal Opinion 477 left off.
For purposes of this opinion, the Committee has defined data breach to mean “a data event where material client confidential information is misappropriated, destroyed or otherwise compromised or where a lawyer’s ability to perform legal services for which the lawyer is hired is significantly impaired by the episode.”
This definition is broad enough to include a number of situations. For example, it could involve a data breach where sensitive client data is exfiltrated from a lawyer’s computer network or a ransomware attack where a lawyer is prohibited from accessing a client’s file. It could also include an attack involving destruction of part or all of a lawyer’s computer network where confidential information is stored, resulting in an inability for the lawyer to access the information necessary to perform legal services.
The Committee concluded based on the Model Rules discussed above, “lawyers must employ reasonable efforts to monitor the technology and office resources connected to the Internet, external data sources and external vendors providing services related to data and use of data.”
The Committee clarifies that a breach or failure to immediately detect a breach does not necessarily give rise to an ethical violation if reasonable steps were taken, but evaded by intruders. Instead, an ethical violation may be found when reasonable efforts are not taken, and because reasonable efforts are not taken, a breach occurs or goes undetected for some period of time.
If a breach is suspected or detected, a lawyer must “act reasonably and promptly to stop the breach and mitigate damage resulting from the breach.” The Committee recommends having a plan in place to deal with a suspected or actual breach and provides guidance regarding the contents of an incident response plan.
Regardless of whether a plan is in place, “a competent lawyer must make all reasonable efforts to restore computer operations to be able again to service the needs of the lawyer’s clients.” The lawyer must also investigate the breach to determine it has been stopped and to figure out what information, if any, has been exposed.
Finally, under Model Rule 1.4, a lawyer must notify current clients when “unauthorized release of confidential information could reasonably be viewed as a significant factor in the representation…”
This includes situations where the client’s position or legal matter may be impacted. Interestingly, under Model Rule 1.9, the Committee declines to extend this requirement to former clients. However, the Committee does note that consistent with best practices a lawyer should reach an agreement with the client at the termination or conclusion of representation to determine how to handle the client’s electronic information. Absent an agreement, the Committee encourages lawyers to have a document retention policy, compliant with applicable laws and regulations, and to follow it.
The content of the notice to the client is dependent on the circumstances of the data breach and must be tailored accordingly. It is crucial that the notice provide sufficient information for the client to make an informed decision about what to do next. At a minimum, the lawyer must tell the client what sensitive information may be at risk and how it was believed to have been accessed unless the lawyer is unable to ascertain this information after taking reasonable steps to do so.
While not required, the Committee recommends the lawyer inform the client of the steps the lawyer is taking to respond to the breach and, where applicable and feasible, recover the data. The lawyer, on the other hand, has an ongoing obligation to keep the client apprised of any material information obtained from the post-breach investigation.
While Formal Opinion 483 does not address legal obligations a lawyer may have under federal or state privacy and notification laws such as HIPAA or the Graham-Leach-Bliley Act and other statutes such as notice statutes that may be implicated, the Committee notes that where personally identifiable information (PII) such as social security numbers are implicated, the lawyer should familiarize herself with the applicable federal and state notification laws. It is crucial that a lawyer who has been the victim of an attack understand and comply with all her legal obligations.
Faraci Lange partner, Hadley L. Matarazzo, has been litigating cases involving data breaches, personal injury, defective drugs and medical devices, toxic torts, and medical malpractice since joining the firm in 2010.
Contact Faraci Lange today if you or someone you know is in need of an experienced and trustworthy attorney.
Faraci Lange Partner, Matthew F. Belanger, recently settled a bicycle accident case for a Rochester resident who suffered a serious shoulder injury after being hit by a driver while riding his bike. The driver made a right on red without ever looking to his right. The driver struck the client in the cross walk, which caused bleeding from the client’s head and immediate pain in his entire left side.
The driver’s negligence caused severe injuries to our client, who still has difficulties with his left shoulder, hip and low back, requiring him to use a cane to walk. Matthew negotiated a successful settlement for our client to compensate for his personal injuries.
At Faraci Lange, not only do we represent bicyclists injured in crashes caused by motorists but we also understand cycling because we too are bicycle riders. Whether for exercise and recreation or in amateur competition, we understand what it’s like to be on the roadway with motorists. When looking for a bicycle accident lawyer, it is important to work with someone who understands a bicyclist’s point of view.
If you have suffered a serious injury as a result of a bicycle accident, or have questions or concerns regarding such personal injury claims, contact Faraci Lange today.
View more successful case stories here.
Faraci Lange is one of six finalists who have been selected for the 2018 ETHIE Award, an annual honor given to local businesses and organizations by the Rochester Area Business Ethics Foundation (RABEF).
The ETHIE Award celebrates businesses and organizations in the Rochester region that exemplify high ethical standards. Organizations are recognized based on their strong ethical foundations, aspirations to high standards of business conduct, as well as the multifaceted nature of ethics in our daily lives.
“On behalf of RABEF and the Rochester area business community at large, we welcome these finalists to our growing roster of strong, high integrity companies. We are extremely proud that companies like these, who exemplify the highest degree of ethical conduct in the workplace, call the Rochester region their home,” stated Chairman of the Board Bob Whipple.
RABEF plans to honor the ETHIE recipients at an awards celebration at Geva Theatre Center on October 22, 2018.
In January 2018, CPLR 214-a was amended to change the statute of limitations in delayed diagnosis of cancer actions.
The amendment provides that an action against a medical provider for the delayed diagnosis of cancer may be brought either 2 ½ years from when the patient knew or should have known of the alleged negligent failure to diagnose the cancer, but no later than seven years from the alleged negligence, or 2 ½ years from the last occasion where there is continuous treatment.
A similar discovery rule also applies to state and municipal hospitals and clinics pursuant to CPLR 203(g)(2).
Before the amendment to CPLR 214-a, the rule in New York State was that a patient would only have 2 ½ years from the date his or her doctor, a radiologist, or pathologist, missed the diagnosis of cancer. For many people, it is not even known that there has been a delayed diagnosis of the cancer until months or years later, and in some cases, not until after the statute of limitations has run.
This is exactly what happened to Lavern Wilkinson. By the time Lavern was properly diagnosed with the lung cancer in 2012, the statute of limitations for her to bring a medical malpractice action was gone.
In February 2010, Lavern had a chest x-ray ordered during an emergency room visit. The radiologist who reviewed the chest x-ray saw a suspicious mass in Lavern’s right lung, but she was never told the results of the chest x-ray.
Then, in May 2012, Lavern returned to the same ER with a chronic cough and another chest x-ray was ordered. It was then discovered that the cancer had spread to both of Lavern’s lungs, her liver, brain and spine.
If the lung cancer had been diagnosed in 2010, it could have been treated with surgery. By May 2012, the lung cancer was stage four and terminal.
Lavern’s wish was for the law to change so that what happened to her did not happen to anyone else.
On January 31, 2018, Governor Cuomo signed into law a medical malpractice bill called “Lavern’s Law.”
This bill amended the statute of limitations for delayed diagnosis of cancer cases to 2 ½ years from the date of the discovered delayed diagnosis of cancer, up to seven years from the date of missed diagnosis, or 2 ½ years from the last occasion where there is continuous treatment.
This is an important amendment to the statute of limitations in medical malpractice cases and it will allow many patients to pursue possible claims for delayed diagnosis of cancer which previously may have been time barred.
Jennifer L. Fay has been successfully representing plaintiffs in Medical Malpractice claims since she joined Faraci Lange’s Buffalo office in 2013.
To contact Faraci Lange about a potential medical malpractice case, call or text us at (888) 325-5150 or click here to submit an online contact form for a free legal consultation.
Ten Faraci Lange attorneys have been selected for inclusion in the 2018 edition of Upstate New York Super Lawyers, and two attorneys have been selected as Upstate New York Rising Stars.
The attorneys recognized as Super Lawyers from the Faraci Lange team are:
- Angelo G. Faraci
- Paul K. Lange
- Stephen G. Schwarz
- Frank J. Frascogna
- Matthew F. Belanger
- John A. Falk
- Hadley L. Matarazzo
- Brian M. Zorn
- Joseph A. Regan
- Kathryn Lee Bruns
Super Lawyers Upstate New York Rising Stars must be 40 years of age or younger and a practicing attorney for 10 years or less. The Faraci Lange attorneys named to this list are:
Super Lawyers recognizes attorneys who have distinguished themselves in their legal practices. Attorneys are selected following a rigorous process, with candidates nominated by their peers and professional accomplishments validated by a third party. Only five percent of the attorneys in Upstate New York are named to the Super Lawyers list, and no more than 2.5 percent of the lawyers in New York state are named to the Rising Stars list.