Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Tag Archives: Personal Information

Congress Moves Critical Infrastructure Cybersecurity Bill

Posted in Cybersecurity, Legislation

On Wednesday, the House Homeland Security Committee passed a substitute bill for H.R. 3696, the National Cybersecurity and Critical Infrastructure Protection Act of 2013.  The committee substitute bill was broadly supported by both parties.  As it presently stands, H.R. 3696 delegates to the Department of Homeland Security  the responsibility for civilian cybersecurity research and development, incident detection… Continue Reading

Data Brokers Under Scrutiny

Posted in Legislation, Privacy Regulation

The Senate Commerce Committee released this morning its majority staff report, A Review of the Data Broker Industry: Collection, Use, and Sale of Consumer Data for Marketing Purposes, on the practices data brokers use to collect and sell personal information of consumers and how those practices affect the privacy of hundreds of millions of Americans. … Continue Reading

TJX Data Breach May Take Back Seat to Sony PlayStation Network Breach

Posted in Uncategorized

 Written by Julia Siripurapu Sony Corp. has acknowledged on its PlayStation website that between April 17 and April 19, its PlayStation and Qriocity networks were the subject of a hacking attack. As a result of this attack, the personal information, including name, address, email address, birth date, passwords, security question answers, and credit card data, of… Continue Reading

It’s Tax Time — Use Caution with those W-2 Forms

Posted in Data Breach, Data Breach Notification, Data Compliance & Security

We’ve had several questions lately regarding “mixups” with mailings of W-2 forms, and whether certain situations are really “data breaches.”    Some Attorneys General are taking the position that the employer is responsible for providing notice to affected individuals (employees and former employees) and providing the required AG notice letters in the event that tax forms containing personal information… Continue Reading

WellPoint Sued by Indiana AG for $300K – UPDATE

Posted in Data Breach, Data Breach Notification, HIPAA/HITECH

(This post is updated to include links to the Indiana Attorney General’s press release and a copy of the complaint) Back on July 1, we blogged in this space about a very large data breach experienced by health insurer WellPoint.  According to WellPoint, over 470,000 individual insurance customers may have been affected by a breach that… Continue Reading

The Google Payload Data Fallout Continues

Posted in Data Breach

Written by Jillian Collins Connecticut Attorney General Richard Blumenthal says he will lead a multistate investigation into Google Street View cars’ unauthorized collection of personal data from WiFi networks. The Connecticut AG said he expects a significant number of states to participate. More than 30 states participated in a recent conference call regarding the Connecticut… Continue Reading

Countdown to compliance with 201 CMR 17.00…..11 days

Posted in Data Compliance & Security

As we approach the 10 day mark to the March 1 effective date of the Massachusetts data security regulations, 201 CMR 17.00, we thought that we would share another misapprehension in the ever-growing list. “I ordered one of those $99 “Compliance Kits” from the Internet, and they say that they will “certify” that I am… Continue Reading

Happy 2010 – Data Breach du Jour

Posted in Data Breach

We are just barely into the new year, and there is already a rather large data breach to report. Officials at Eastern Washington University (EWU) are notifying up to 130,000 current and former students that their personal information may have been exposed in a security breach, reports the Seattle Times. The data involved includes names,… Continue Reading

Holiday Privacy Watch: Take care before you donate that cell phone

Posted in Data Breach, Data Compliance & Security

During the holiday season, many organizations are soliciting donations of old cell phones to be repurposed. This is an excellent way to “reuse, reduce, and recycle” and puts those useless (to you) items to use in a positive way, but please remember — important and private data reside in your cell phone’s internal memory, even… Continue Reading

Remember the school-days admonition that something might end up on your “permanent record”?

Posted in Data Compliance & Security

A Fordham Law School study found that state educational databases across the country have severely inadequate privacy protections for the nation’s school children. The study, prepared by the Center on Law and Information Policy, reports that at least 32% of states warehouse children’s social security numbers; at least 22% of states record student pregnancies; and… Continue Reading

Data Breach du Jour ….

Posted in Data Breach

The Associated Press reports that American Express has notified some card-holders that their information may have been compromised. According to an American Express spokesperson, the breach resulted from an employee’s recent theft of data. In this tough economy, outside threats to personal information held by companies is not the end of the story. The possibility… Continue Reading

Not “Clear” What Happens to Passenger Data…..

Posted in Secure Traveling

Bad news if you were a frequent flyer who ponied up the $199 annual fee to participate in Verified Identity Pass, Inc.’s registered traveler program, branded as “Clear.” Last night, the company announced that it was “unable to negotiate an agreement with its senior creditor” and shut down. Membership fees will not be refunded. The… Continue Reading