Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monthly Archives: February 2010

Top 3 questions relating to compliance with 201 CMR 17.00

Posted in Data Compliance & Security

At the beginning of the “countdown” to the March 1st effective date of 201 CMR 17.00, we offered some posts with “misapprehensions” and compliance suggestions (see 16 Days to March 1….. and Countdown to compliance with 201 CMR 17.00…..11 days). Here are some questions that have been reoccurring over the last few weeks: 1) What… Continue Reading

“Stunning”/ “Shear Madness” – Reaction to Google Convictions

Posted in Data Breach

The reactions are coming in fast and furious to yesterday’s conviction of three Google executives in an Italian court. Linked here are just a few of the more than 1,000 media stories on the decision so far. Google privacy convictions in Italy spark outrageLarger Threat Is Seen in Google Case – NYTimes.comConviction of Google Execs… Continue Reading

BREAKING NEWS: Google Executives Convicted on Privacy Charges in Italy

Posted in Data Breach

In the first case of its kind, an Italian judge today convicted three Google executives on privacy violations in Milan court. Global Privacy Counsel Peter Fleischer, Chief Legal Officer David Drummond, and another executive were found guilty of failing to comply with Italian privacy code in allowing a disparaging video to be posted online. A… Continue Reading

Today’s compliance deadline – Enforcement of the HITECH/HIPAA data breach notification rule

Posted in Data Breach

February and March are just full of significant deadlines for privacy/security reporting and compliance. Today is the day that the Health & Human Services Office of Civil Rights begins to enforce the HITECH/HIPAA data breach notification rule. To “celebrate” the occasion, the agency publicly posted the first list of reported breaches affecting 500 or more… Continue Reading

HITECH Act Compliance Date Arrived — Without the Promised Regulatory Guidance

Posted in Legislation

We have been so focused on the upcoming Massachusetts data security deadline, that we let one last week go without fanfare. As we have gently reminded you on several occasions, the new HIPAA privacy and security rules contained in the Health Information Technology for Clinical and Economic Health Act (HITECH) became effective on February 17th…. Continue Reading

T Minus 10,080 Minutes and Counting…..

Posted in Employee Privacy

We have just one week to go before all entities that own, store, license — or basically do anything with — personal information of Massachusetts residents must comply with the Commonwealth’s new data security regulations. Things to consider: Have you done your risk assessment? Looked at what you collect and how you collect and how… Continue Reading

Countdown to compliance with 201 CMR 17.00…..11 days

Posted in Data Compliance & Security

As we approach the 10 day mark to the March 1 effective date of the Massachusetts data security regulations, 201 CMR 17.00, we thought that we would share another misapprehension in the ever-growing list. “I ordered one of those $99 “Compliance Kits” from the Internet, and they say that they will “certify” that I am… Continue Reading

16 Days to March 1…..

Posted in Data Compliance & Security

Just in case you missed it, March 1 is the deadline for compliance with 201 CMR 17.00, the new Massachusetts data security regulations, and we published a client alert last week as a “reminder”… Privacy and Security Alert. In addition to the top five “misapprehensions” about the applicability of the new regulations that we included… Continue Reading

New Facebook privacy lawsuits

Posted in Data Breach

Facebook has been hit with two new potential class-action lawsuits stemming from recent revisions to its privacy settings. The cases, filed recently in federal district court in San Jose, Calif. on behalf of nine Facebook users, allege that the new settings are “confusing and materially deceptive” and lessened their privacy. “Facebook has violated the privacy… Continue Reading

Tracking the cookie crumbs

Posted in Data Compliance & Security

Disabling cookies may not be the answer to controlling your online identity. Regardless of whether you have cookies enabled or not, Web sites collect certain amounts of operational information about your browser. The Electronic Frontier Foundation has detailed how companies can use browser-configuration information to identify users, and also launched a new project, Panopticlick, aimed… Continue Reading

27 days and counting…

Posted in Data Compliance & Security

March 1st is the deadline for compliance with the Massachusetts data security regulations, 201 CMR 17.00. We have blogged incessantly for months about the need to get compliance programs into gear and develop information security plans as required by the regulations. The time is here. If you are one of the procrastinators (and, you are… Continue Reading