Tag Archives: acc


Data breach: Not if, but when, experts warn

“It will never happen to us.”

That misperception puts businesses at risk for data breaches, expert say.

“The most common mistake is assuming your company won’t be breached because you’re not a large, multi-national company similar to the ones whose breaches are covered by the national media,” says Ari Bai, shareholder at Polsinelli. “In reality, however, every company is a target. Hackers, be they individual vigilantes, criminal organizations or nation-states, look for any and all data, and often the most accessible is that in smaller companies. Plus, small companies make for good ‘practice’ for hackers. Thus, when a company ignores the risk and does not set forth the proper protocols for protection and response, it is essentially asking to be breached.”

The 2015 Association of Corporate Counsel (ACC) Chief Legal Officers Survey revealed that one quarter of general counsel report their companies have been hit by data breaches. And according to the 2015 Cyberthreat Defense Report, more than seven in 10 respondents said their networks were breached in 2014, up from 62 percent in 2013. The average cost of a data breach in 2013 for companies in the Unites States was $5.85 million. The scariest part about the threat of a data breach is that experts agree that there is no way to completely protect a business from becoming the victim of a data breach.

“Once we develop a way to protect ourselves from something, the hackers are already using a new technique,” Bai says. “This is why preparation is so important. Liability for lack of preparation can financially devastate a company. You are going to get hacked — with preparation, you don’t have to lose lawsuits.”

Being prepared

Like any potential business catastrophe, limit a business’ risk of becoming the victim of a data breach starts with preparedness, according to Paul Stoller, shareholder at Gallagher & Kennedy.

“Every company should work with its legal professionals and IT staff to create and to implement a comprehensive data privacy and security plan, which will help to remove, or at least to reduce, the risk of many of the common causes of breach,” Stoller says.

Leon B. Silver, office co-managing partner at Gordon & Rees, says all companies, no matter their size, need to adopt data security as a core business practice throughout the organization and not look at it as something that is taken care of by one department or by an outside vendor.

“Policies on mobile devices, passwords and encryption are just part of an overall culture of data security awareness,” Silver says. “But be aware, a breach can happen.”

Heather Buchta, partner at Quarles & Brady says business leaders need to engage in some internal due diligence and ask themselves these questions:

• What internal policies are in place to protect data?

• Is there a policy against removing devices from the business location?

• Is there a policy to encrypt data?

• Even more basic, what kind of data does a company have?

“Risk of a breach increases as the volume of data a company has increases and oftentimes the data wasn’t even used by the business,” Buchta says, “which is creating an increased risk for no business purpose.”

Despite a company’s best efforts to lower its risk of a data breach, Buchta says today’s hackers are getting more sophisticated and businesses always have the added risk of employee error.

“The risk really lies in what was done ahead of time to try and prevent and breach and how the incident is handled afterward,” she says.

After the breach

While a business can be proactive in taking the appropriate steps to minimize risk and being well equipped to handle a loss or theft if data or information, there are no measures that provide a guarantee of security, Silver says.

“In fact, virtually every mid- to large-size company has already likely been breached, but the extent is either not known, or is not significant,” Silver says. “A big source of loss continues to be human error. That, coupled with continually evolving technology and more sophisticated theft/hacking measures equates to an ongoing need to stay ahead of the curve and simply arm yourself the best you can by adhering to and enforcing strict privacy policies following a thorough risk assessment.”

So what should you do if you’ve taken all the proper steps to reduce your risk of a data breach and your businesses is still victimized?

“The first thing is always to identify the source and to fix the issue that caused the breach so that there is not any further loss or theft of data,” Stoller says. “After that, the business needs to work with its IT professionals to investigate what caused the leak, to identify those persons who may be affected and to preserve evidence of what happened.”

Stella says it’s also imperative to work with legal professionals to determine a business’ legal obligations after a breach, including notifications to affected persons and government agencies.

“Don’t delay in investigating and don’t delay in calling in the experts,” Buchta says. “Businesses should have an incident response plan and that plan should identify the key players to investigate and manage a breach — legal counsel, IT forensics, operations/HR, public relations and the executive team.”

Because experts say a data breach is almost inevitable, it’s crucial for a business to develop and enforce sound privacy policies, including a response plan should a breach or loss occur, Silver says.

“Such policies will also need to evolve over time as technology continues to improve,” he says. “The bottom line is to expect the unexpected, think ahead, keep thinking ahead, and do your best to prepare.”

Advice from experts

Here is what Valley legal experts advise businesses to do to lower their risk of a data breach:

Ari Bai, shareholder; and Nick Verderame, associate, Polsinelli: “Start preparing now. Bring in technical and legal help to assess your data and risk levels, create technical protections, implement company procedures to protect against leaks, educate your employees and leadership, organize annual ‘fire drill’ tests and prepare a reaction and notification procedure.”

Heather Buchta, partner, Quarles & Brady: “Know your business. Know what data you have. Have an incident response plan in place in advance to facilitate the handling of an event when it occurs. Note I said, ‘when it occurs,’ not ‘if it occurs.’”

Leon B. Silver, office co-managing partner, Gordon & Rees: “Begin by assessing risk, including the availability of special ‘cyber risk’ insurance, which is not just for hacking and may provide coverage for both investigation and response costs, as well as defense and/or indemnity for third-party claims.”

Paul Stoller, shareholder, Gallagher & Kennedy: “The best practice for a business is to create and maintain a comprehensive data privacy and security plan. That begins with an audit of the business’s data and the development of policies and procedures to manage its confidential information. Then, it is essential to train employees on both the policies and procedure and the potential threats to the data’s security.”


Fortis boosts power with Acquisition of UNS Energy

Fortis Inc. completed its acquisition of UNS Energy Corporation, adding UNS Energy subsidiaries Tucson Electric Power (TEP) and UniSource Energy Services (UES) to its growing international family of electric and gas utility companies.

TEP and UES will remain headquartered in Tucson under local control with current management and staffing levels and no planned changes to existing operations. Under the terms of a written order issued by the Arizona Corporation Commission (ACC) on Aug. 12, both companies will have enhanced financial strength and other benefits as part of Fortis, while their Arizona customers will receive $30 million in bill credits over the next five years.

“Joining the Fortis family will generate benefits for our company, our customers and the communities we serve,” said David Hutchens, President and CEO of UNS Energy, TEP and UES. “While this transaction opens a new chapter in our company’s history, our story remains the same. We will continue working every day to provide the safe, reliable and affordable service our customers have come to expect.”

With the $4.5 billion acquisition, which includes the assumption of $2 billion in debt, UNS Energy becomes the second largest subsidiary of Fortis and expands that company’s customer base to more than 3 million. Fortis is Canada’s largest investor-owned electric and gas distribution holding company, with regulated utility holdings in Canada, the United States and the Caribbean.

“TEP and UES are well-run companies whose employees are committed to serving their customers and communities,” said Fortis President Barry Perry, who will succeed H. Stanley Marshall as the company’s CEO effective December 31, 2014. “We welcome both companies to the Fortis team and look forward to supporting their continued success in serving their customers’ energy needs.”

Local, Independent Board Majority

The UNS Energy Board of Directors was reconstituted today as a result of the acquisition. In addition to Perry and John C. Walker, Fortis’ Executive Vice President of Western Canadian Operations, the board’s nine members include Hutchens and six other longtime Arizona residents who will continue on as independent directors from the previous UNS Energy Board:

• Lawrence J. Aldrich, Chairman and Executive Director of the Arizona Business Coalition on Health.
• Robert A. Elliott, President and Owner, Elliott Accounting.
• Louise L. Francesconi, former President of Raytheon Missile Systems.
• Ramiro G. Peru, former Executive Vice President and Chief Financial Officer of Phelps Dodge Corporation.
• Gregory A. Pivirotto, former CEO and Director of University Medical Center.
• Joaquin Ruiz, Dean of the University of Arizona College of Science, Executive Dean of the Colleges of Letters, Arts and Sciences.

UNS Energy remains the parent company of TEP and UES and will continue to oversee their local operations. UNS Energy’s stock will not trade on the New York Stock Exchange after today. Shareholders will be notified by transfer agency Computershare with instructions on how to redeem their shares.


2014 ACC Awards

Az Business is recognizing the vital role that in-house counsel plays in business with the Arizona Corporate Counsel Awards. The 2014 finalists and winners were honored at a reception on Thursday, January 16 at the Ritz Carlton, Phoenix.

The 2014 ACC awards winners are:

Public Company of the Year
John Pons, Cole Real Estate Investments
Darrell Sherman, Taylor Morrison
Randall S. Theisen, Alliance Bank

Private Company of the Year
Jill Harrison, W.L. Gore & Associates

Nonprofit Company of the Year
Matthew Stocklager, Dignity Health

Up and Comer of the Year
Michael Mason, Pinnacle West Corp (APS)

Private Legal Department of the Year

Public Legal Department of the Year
Sprouts Farmers Market

Litigator of the Year
Michael Walker, Insight Enterprises

IP Attorney of the Year
Dan Oseran, eBay

General Counsel of the Year
Erin Lewin, Avnet

[fbalbum url=”https://www.facebook.com/media/set/?set=a.881216571893653.1073741836.148630228485628&type=1&l=a5b405b2c7&type=12″]


ACC issues residential solar recommendations

The Arizona Corporation Commission staff issued its highly anticipated recommendations in response to APS’s proposed rule changes directed at residential solar customers. ACC recommended that the Commission not approve either of APS’s proposed Net Metering cost-shift solutions.

Net Metering is the mechanism that allows residential customers the right to offset energy purchases from the utility with self-generation on a one-to-one basis.

The ACC staff proposals, like those from APS, are only recommendations. Any changes to the existing rules must be voted on by the Arizona Corporation Commissioners. The Commissioners are scheduled to take up the issue at its Oct. 16 and 17 hearing.

ACC staff further recommended that should any changes be granted, existing rooftop solar customers should be grandfathered under the old rules, and that those rules should apply to the rooftop equipment and premises where the equipment is installed. In other words, the net metering rules should “run with the land,” versus being a “right” that resides with a specific customer.

Although ACC staff recommended that no changes be made at this time, it did suggest that this issue be evaluated during APS’s next rate case. They said it was their belief that any cost-shift issue created by Net Metering is fundamentally a matter of rate design and that the appropriate time for designing rates that equitably allocate the costs and benefits of Net Metering is during APS’s next general rate case.

ACC staff further recommended that the Commission hold workshops with all stakeholders to help inform future Commission policy on the value that Distributed Generation (rooftop solar) installations bring to the grid. In addition, Staff recommended that within the workshops, the Commission investigate the currently non-monetized benefits of Distributed Generation with the goal of developing a methodology for assigning a values to the non-energy benefits of rooftop solar.

ACC staff believes this recommended course of action is the most effective and appropriate method of dealing with the Net Metering cost-shift issue APS outlined in its July 12 filing. However, since it is not yet clear whether the Commission will decide to deal with this issue immediately, staff offered two alternative recommendations as bridge solutions in an effort to at least begin gradually addressing the Net Metering cost-shift issue until the matter can be more comprehensively resolved in a future general rate case.

The first interim proposal is a Lost Fixed Cost Recovery (LFCR) Flat Charge provision for all new APS solar rooftop customers, unless the customers choose the ETC-2 rate which relies on a demand-based charge to partially collect fixed costs. The LFCR is designed to recover a portion of costs arising from transmission and distribution, and other miscellaneous fixed costs.

The recommendation would have new solar customers pay into the LFCR account at a flat rate, thereby reducing the impact on non-solar customers. The estimated impact of this flat charge would amount to an estimated monthly increase between $2 and $3 for new solar customers compared to the $50 to $100 a month charge under APS’s proposal.

ACC staff’s recommendation also included a second alternative in the event the Commissioners wanted to implement an immediate rule change before the next rate case, proposing a Distributed Generation (DG) Premium could be implemented on a gradual basis so as to minimize the immediate impact on future solar customers. The proposal said this could be done by initially setting the DG Premium at $2.75/kW. The DG Premium would be the cap for the monthly charge under this alternative. The Commission could lower or increase the DG Premium annually based on the effect it has on new solar installations. The Commission could also adopt an approach wherein the DG Premium is initially set at a lower amount than that recommended by Staff, and phased-in over a period of years.


Direct Energy Opens Phoenix Area Call Center

Direct Energy today officially opened its Phoenix area call center in Tempe symbolizing the company’s dedication to grow long-term in the Phoenix community. As part of the grand opening festivities, Direct Energy announced that the company and its employees would commit to volunteering a minimum of 2,000 hours over the next year among several different area non-profit organizations including Habitat for Humanity and the St. Mary’s Food Bank.

“Direct Energy takes community investment and corporate social responsibility very seriously,” said Scott Boose, president, Direct Energy Services. “We are committed to making a difference in our customer’s lives and positive impacts in areas like Phoenix where we are part of the community employing hundreds of people with plans to grow even more.”
The community involvement initiative announcement was made at a press conference at Direct Energy’s new call center. During the press conference, Direct Energy also discussed its optimism that Arizona will open to retail electric competition, an industry where Direct Energy is the largest in North America. Recently, Direct Energy submitted a Certificate of Convenience and Necessity (CC&N) to the Arizona Corporation Commission (ACC) to serve retail electric customers in the state. The ultimate goal is to allow more consumers, specifically residential and small businesses, in Arizona to reap the full benefits of a competitive retail market structure, which may include cost savings.

“Across the United States in competitive retail electric markets, Direct Energy has offered choice and innovative time-of-use products to consumers that will save them money,” said Steven Murray, president, Direct Energy Residential. “Arizona should be no different and we look forward to working with the Arizona Corporation Commission Commissioners and other parties to continue the forward progress the state is making toward competition.”

Direct Energy employs more than 200 people in the Phoenix area with current plans to grow to as many as 500. The company’s call center in Tempe serves customers in both Direct Energy Services for their plumbing, heating and air conditioning, and electricians needs, and Direct Energy Residential for our retail electric customers.

“We are so pleased to celebrate this day with Direct Energy and its employees,” said Mayor Mark Mitchell. “Tempe is excited about adding 500 new jobs to our community, and we are appreciative of the volunteerism of the Direct Energy employees. That is a genuine and generous sign that they are here to stay.”

“Our new call center is a symbol of the important position Tempe and the Phoenix area has toward growing our customer base and business in North America,” said Matt George, Direct Energy’s call center director and senior executive in the Phoenix area. “I look forward to showing the community our new workplace and enhancing our visibility and influence here.”

Power Outage Map

State challenges pollution control upgrades

The Arizona Corporation Commission is criticizing recent actions by the U.S. Environmental Protection Agency to clean up the state’s power plants.

The commission voted Tuesday to file an amicus brief in federal appeals court supporting the state’s challenge to pollution control upgrades at three coal-fired power plants.

The EPA partially approved Arizona’s air quality plan for the Cholla, Coronado and Apache generating stations. But the agency set its own limits for nitrogen oxide emissions and gave the plants’ operators five years to comply.

The commission says the EPA’s decision doesn’t strike the right balance of environmental stewardship and protection of Arizona’s economy.

The commission says it also will weigh in against a proposal for pollution control upgrades at the Navajo Generating Station. Public comments are due Aug. 5.


TGen Launches Website Focused on Rare Adrenal Cancer

A new website officially launched by the Translational Genomics Research Institute (TGen) provides patients and their families with 24-7 access to essential and comprehensive information on Adrenocortical Carcinoma (ACC), a rare and deadly form of cancer.

Named in memory or Kirsten Sandstrom, Kirsten’s Legacy is TGen’s research and clinical program for defeating ACC. The site includes facts about ACC, links to valuable patient resources and the latest updates on progress being made by TGen researchers and clinicians studying ACC.

To all those who knew her, Kirsten was an extraordinarily caring and loving woman. As a wife, mother, daughter and friend, Kirsten displayed a level of grace and selflessness that lifted the hearts of her family and lent them strength as she endured a 21-month struggle with ACC that claimed her life in March of 2010.

As part of a $1.5 million gift to TGen in support of ACC research, Kirsten’s parents Gary and Barbara Pasquinelli of Yuma, Arizona, worked with their son-in-law Ed Sandstrom and TGen to establish Kirsten’s Legacy. The Pasquinelli’s made their donation as a challenge gift to help encourage others to support ACC research.
“We had trouble finding information on ACC, so we established the Kirsten’s Legacy website to provide timely information for patients, their families and friends as TGen pursues better treatments and moves toward a cure for this terrible disease,” said Gary Pasquinelli. “The website enables those dealing with ACC to know immediately that they are not alone — that there is hope— a place where you can get substantial information about ACC without having to go through what we went through.”

Prior to the Pasquinelli gift and the launch of the Kirsten’s Legacy website, ACC survivor Troy Richards established TGen’s ACC program and actively raised dollars for research through his Advancing Treatment for Adrenal Cancer (ATAC) fund.
In May 2005, Richards met with TGen Drs. Daniel Von Hoff and Michael Demeure to discuss establishing TGen’s ACC Research Program. Richards also developed a website and co-founded what is now the largest ACC support group on the Web. He continues to raise funds and be an advocate by helping patients worldwide to receive the best possible care.

After learning of the Pasquinelli gift, Richards and the Pasquinelli family chose to merge their efforts and today pursue a cure for ACC through the Kirsten’s Legacy program.
“The goal of the website, the entire program for that matter, is to educate others about ACC and support TGen scientists and clinicians,’’ said Troy Richards. “Our hope is that Kirsten’s Legacy continues the work we’ve started and paves the way to improved treatments and understanding of ACC, and ultimately, leads to a cure.”
ACC is rare: less than 2 individuals in 1 million are susceptible. When the numbers are that low, few federal or philanthropic dollars flow toward studying the causes or finding a cure. That means fewer advances in diagnoses or therapeutic treatments. Also known as cancer of the adrenal cortex or ACC, TGen scientists and clinicians conduct their work with a sense of extreme urgency, knowing the fight against ACC lingers and few institutions are working to defeat this deadly cancer.

“The Kirsten’s Legacy website will enable TGen to create a community of ACC patients and advocates around the world and to share our research progress and resources,” said TGen Foundation President Michael Bassoff. “The support of Troy Richards, the Pasquinelli’s and Ed Sandstrom, serves to remind us of the power and importance of collaboration, enabling TGen’s mission against ACC.”

TGen Drs. Kimberly Bussey and Michael Demeure lead a team of scientists and clinicians who, for the first time, have completed the first whole genome sequencing of ACC tumors. This offers new insight into the possible causes of this extremely rare and aggressive form of cancer by identifying all 3 billion chemical DNA bases of ACC tumors. Researchers compare the cancer DNA to a patient’s normal DNA to discover what’s different; what mutations might cause the disease.

The ACC research team at TGen is eager to work with all investigators on efforts to improve treatments for affected patients.

Visit Kirsten’s Legacy at: kirstenslegacy.org.


APS Prepared To Meet Summer Demand

APS is well positioned to meet the energy needs of its customers this summer, company officials told the Arizona Corporation Commission (ACC) today.

This message was part of APS’s annual summer preparedness briefing to the ACC.  The presentation included this summer’s peak demand forecast, an inventory of available resources to serve that demand, a summary of APS’s system improvements, and the steps the company has taken to prepare for wildfires and other emergencies.

“One of our most important jobs each year is to make sure the APS system is ready when the summer heat arrives,” said Daniel Froetscher, APS Vice President of Energy Delivery. “We invest in the electricity grid, secure an ample supply of power for even the hottest days, and prepare in advance for storms, wildfires and other events that can cause power outages. When outages do occur, our top priority is to get the lights back on quickly and safely, while communicating regularly with our customers about our efforts to restore the power.”

In preparation for meeting the needs of its customers this summer, APS in 2011 invested about $250 million in system improvements. This included more than 40 miles of new and rebuilt power lines and the construction of seven new substations throughout the company’s service territory.

This summer, APS anticipates a peak of 7,067 megawatts (MW), compared with the 2011 summer peak of 7,087 MW, which occurred on Aug. 24, during the hottest monsoon season ever recorded in the Valley. Between its existing generation, and long- and short-term contracts, APS has 8,696 MW of resources available to help meet summer demand.

The all-time APS system peak of 7,236 MW was set on July 21, 2006. (The summer peak – the 15-minute period when APS customers require the most energy – typically occurs in July or August between 5 and 6 p.m.)

APS successfully met peak demand in 2011 while providing its 1.1 million customers with record high levels of reliability. For the year, the typical APS customer experienced 0.79 power outages compared to a national industry median of 1.12 interruptions. Meanwhile, the typical APS customer experienced 69 minutes of interrupted service in 2011, compared with an industry median of 114 minutes. Both marks are APS records and fall within or near the top quartile of the industry.

In the event of large-scale customer outages, the company utilizes its Twitter outage feed, @APSOutageCenter, to provide real-time updates to its customers and other key audiences.

The state’s other major electric utilities also made presentations to the ACC.

For more information on APS, visit APS’ website at aps.com.