In May, NAAG held its Southern Region meeting focused on recent trends for state Attorneys General in the cybersecurity and privacy space. Arkansas Attorney General Leslie Rutledge hosted the meeting which kicked off with Tennessee Attorney General Herbert H. Slatery III moderating a panel on the increased use and collection of consumer data and resulting privacy and security issues. Of note, as privacy and security concerns clash, going forward we will see the enhanced use of encryption.

In outlining vulnerabilities exploitable by hackers, a panel discussed how data breaches of companies with poor security systems could lead not only to threats to consumer privacy but also significant liability for the company. Alabama Attorney General Steve Marshall moderated the panel exploring the panoply of corporate responses to cyber threats and data privacy and ways to reduce that exposure.

Former Arkansas Attorney General Dustin McDaniel led a panel discussing the cybersecurity challenges that state and local governments themselves face. Notably, studies show that state governments often lack the expertise to remedy weaknesses in their data protection systems. 

Texas Attorney General Ken Paxton moderated a panel on the states’ enhanced role in protecting medical privacy. In the past, much of the focus has been on the exploitation of personal financial information (PII), yet compromised personalized consumer health information (PHI) can be extremely dangerous or even fatal. Panelists discussed the role of state Attorneys General in investigating health care providers that violate the Health Insurance Portability and Accountability Act of 1996 (HIPAA).

The conference closed with remarks by United States Attorney J. Cody Hiland on federal responses to a cyberattack.