many more than six different hacks…….and headaches…… Written by Jonathan Ursprung With the holiday season in full swing, many of us are struggling with that age-old question: “what do you get for the person who has everything?” Well, if that person happens to be your supreme leader, the answer may very well be “a massive download… Continue Reading
201 CMR 17.00
Subscribe to 201 CMR 17.00 RSS FeedPrivacy Monday - July 29, 2013
Posted in 201 CMR 17.00, Cybersecurity, Data Breach, Data Breach Notification, European Union, Privacy MondayPrivacy goofs, gaffes and tidbits for the last Monday in July — NSA Surveillance Causes More Grief –Germany Calls for a Stop to Safe Harbor: Time for Binding Corporate Rules? According to news sources the federal and state German data protection commissioners late last week sent a letter to German Chancellor Angela Merkel, requesting… Continue Reading
Two Upcoming Privacy Events
Posted in 201 CMR 17.00, Data Breach, Data Compliance & Security, Employee Privacy, Privacy RegulationWe have two “Save the Date” announcements today - for registration information click on the links below: October 18, 2012 — San Diego — The Era of Big Data — Governance, Risk and Compliance October 25, 2012 — Webinar — Data Privacy and Security Issues for the Nonprofit Join the Mintz Levin Privacy team at… Continue Reading
Massachusetts Attorney General Data Breach Investigation Results in $15,000 Settlement with Property Management Firm
Posted in 201 CMR 17.00, Data Breach, Data Breach Notification, Data Compliance & Security, Privacy RegulationWritten by Cynthia J. Larose and Adam Veness Last October, a Maloney Properties, Inc. (“MPI”) company laptop was stolen containing unencrypted personal information, including social security numbers, for over 600 Massachusetts residents. Shortly after the incident, MPI sent letters to customers alerting them of the incident and related data breach. As a result of that… Continue Reading
Massachusetts Businesses Face Two New Challenges on Data Security
Posted in 201 CMR 17.00, Class Action Litigation, Data Compliance & SecurityA cross-post from our friends at the Associated Industries of Massachusetts - and important reading, given that March 1st is Thursday. Employers Face Two New Challenges on Data Security
Massachusetts Data Security Regulations: Deadline Looms for Amending Service Provider Contracts
Posted in 201 CMR 17.00, Data Compliance & Security, Privacy RegulationJust a reminder that March 1 is an important deadline with respect to the Massachusetts data privacy and security regulations (the “Regulations”). As a refresher, the Regulations require all entities that “own or license” personal information of Massachusetts residents — wherever the entity is located — to comply with provisions requiring specific administrative, physical and technical… Continue Reading
New Year’s Resolutions - Privacy & Security
Posted in 201 CMR 17.00, Data Breach, Data Compliance & Security, HIPAA/HITECH, Identity Theft, Privacy Regulation, Secure Traveling, SecuritySince it’s traditionally the time for new beginnings and resolutions to clear away old habits, we’d like to pass on some tips for improving privacy and security in your operations — and in your own life — in 2012. 1. Be sure to secure. Many data breaches occur by leaving sensitive information lying around the… Continue Reading
Into the Breach - Security Failures Can Cost You
Posted in 201 CMR 17.00, Data Breach, Data Compliance & SecurityOnce again, we have evidence that failures to implement the most basic of data security measures can cost real money. The Massachusetts Attorney General’s office announced a consent order that fines a Boston restaurant group $110,000 and imposes a set of compliance measures that will also carry a price tag. Despite many headlines trumpeting the “first enforcement action,” this action… Continue Reading
Data Breach at NYC “Hop-on, Hop-off” Tour Company — 110,000 credit card numbers stolen
Posted in 201 CMR 17.00, Data Breach, Data Breach Notification, Data Compliance & SecuritySince March 1, 2010, privacy professionals have been waiting for a data breach that could bring an enforcement action under 201 CMR 17.00, the Massachusetts privacy regulations. I just spoke with Paul Roberts, editor of threatpost.com, a blog that posted an entry yesterday regarding a breach that could do just that. Twin America LLC, the parent company of… Continue Reading
