Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Category Archives: 201 CMR 17.00

Subscribe to 201 CMR 17.00 RSS Feed

Privacy Monday – July 29, 2013

Posted in 201 CMR 17.00, Cybersecurity, Data Breach, Data Breach Notification, European Union, Privacy Monday

Privacy goofs, gaffes and tidbits for the last Monday in July —   NSA Surveillance Causes More Grief –Germany Calls for a Stop to Safe Harbor:  Time for Binding Corporate Rules?  According to news sources the federal and state German data protection commissioners late last week sent a letter to German Chancellor Angela Merkel, requesting… Continue Reading

Two Upcoming Privacy Events

Posted in 201 CMR 17.00, Data Breach, Data Compliance & Security, Employee Privacy, Privacy Regulation

We have two “Save the Date” announcements today – for registration information click on the links below: October 18, 2012 — San Diego — The Era of Big Data — Governance, Risk and Compliance October 25, 2012 — Webinar — Data Privacy and Security Issues for the Nonprofit Join the Mintz Levin Privacy team at… Continue Reading

Massachusetts Attorney General Data Breach Investigation Results in $15,000 Settlement with Property Management Firm

Posted in 201 CMR 17.00, Data Breach, Data Breach Notification, Data Compliance & Security, Privacy Regulation

Written by Cynthia J. Larose and Adam Veness   Last October, a Maloney Properties, Inc. (“MPI”) company laptop was stolen containing unencrypted personal information, including social security numbers, for over 600 Massachusetts residents.  Shortly after the incident, MPI sent letters to customers alerting them of the incident and related data breach.  As a result of that… Continue Reading

Massachusetts Data Security Regulations: Deadline Looms for Amending Service Provider Contracts

Posted in 201 CMR 17.00, Data Compliance & Security, Privacy Regulation

Just a reminder that March 1 is an important deadline with respect to the Massachusetts data privacy and security regulations (the “Regulations”).  As a refresher, the Regulations require all entities that “own or license” personal information of Massachusetts residents — wherever the entity is located — to comply with provisions requiring specific administrative, physical and technical… Continue Reading

New Year’s Resolutions – Privacy & Security

Posted in 201 CMR 17.00, Data Breach, Data Compliance & Security, HIPAA/HITECH, Identity Theft, Privacy Regulation, Secure Traveling, Security

Since it’s traditionally the time for new beginnings and resolutions to clear away old habits, we’d like to pass on some tips for improving privacy and security in your operations — and in your own life —  in 2012. 1.   Be sure to secure. Many data breaches occur by leaving sensitive information lying around the… Continue Reading

Into the Breach – Security Failures Can Cost You

Posted in 201 CMR 17.00, Data Breach, Data Compliance & Security

Once again, we have evidence that failures to implement the most basic of data security measures can cost real money.   The Massachusetts Attorney General’s office announced a consent order that fines a Boston restaurant group $110,000 and imposes a set of compliance measures that will also carry a price tag.   Despite many headlines trumpeting the “first enforcement action,” this action… Continue Reading

Data Breach at NYC “Hop-on, Hop-off” Tour Company — 110,000 credit card numbers stolen

Posted in 201 CMR 17.00, Data Breach, Data Breach Notification, Data Compliance & Security

Since March 1, 2010, privacy professionals have been waiting for a data breach that could bring an enforcement action under 201 CMR 17.00, the Massachusetts privacy regulations.   I just spoke with Paul Roberts, editor of threatpost.com, a blog that posted an entry yesterday regarding a breach that could do just that.   Twin America LLC, the parent company of… Continue Reading