Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monthly Archives: December 2010

Happy Holidays!!

Posted in Uncategorized

Happy Holidays from all of us at Privacy and Security MATTERS!   Click here for our Season’s Greeting e-card.

Data Breach at NYC “Hop-on, Hop-off” Tour Company — 110,000 credit card numbers stolen

Posted in 201 CMR 17.00, Data Breach, Data Breach Notification, Data Compliance & Security

Since March 1, 2010, privacy professionals have been waiting for a data breach that could bring an enforcement action under 201 CMR 17.00, the Massachusetts privacy regulations.   I just spoke with Paul Roberts, editor of, a blog that posted an entry yesterday regarding a breach that could do just that.   Twin America LLC, the parent company of… Continue Reading

Commerce Department Seeking Public Input on Proposed Privacy Framework

Posted in Uncategorized

 Yesterday, the Department of Commerce published a notice in the Federal Register, seeking feedback on proposals in its recently-unveiled privacy report.     Among other questions, the Commerce Department is seeking comment on such issues as :     • Should baseline commercial data privacy principles be enacted by statute or some other means?     • How should baseline… Continue Reading

Executive Summary: Commerce Department Issues Privacy “Green Paper”

Posted in Data Breach Notification

Written by Anagha Prasad Introduction In an effort to reexamine and improve upon commercial data privacy, the Internet Policy Task Force (IPTF) released a green paper entitled “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.” Based on consultations, written submissions, and extensive research, the document makes various policy recommendations regarding… Continue Reading

Planning for the Release of Final HIPAA Rules and HIPAA Auditing

Posted in Uncategorized

Written by Dianne Bourque  On December 14, the Office of Civil Rights (“OCR”) indicated at a public meeting that it is considering the simultaneous publication in 2011 of four final HIPAA rules: The breach notification rule The HIPAA Enforcement Rule The HITECH implementation rules The HIPAA changes mandated by GINA  These rules are all scheduled… Continue Reading

Questions Asked by the FTC in the Privacy Report – Part II

Posted in Uncategorized

In last week’s Privacy Report , the Federal Trade Commission posed a series of questions, soliciting comment and discussion from stakeholders to better inform its final report on the subject, due to be issued mid-2011. We reviewed some of the questions in our December 2 post.   Here are some of the other questions — parties with… Continue Reading

It’s almost 2011. Do you know where your Red Flags Rule compliance program is?

Posted in Data Compliance & Security, Identity Theft

(UPDATED) Late Tuesday, the House of Representatives passed the Red Flag Program Clarification Act of 2010 on a voice vote, clearing the way for President Obama’s signature.  The Clarification Act exempts doctors, lawyers, accountants and certain other professionals from compliance with the Red Flags Rule.  As you may recall, we discussed lawsuits filed by the American… Continue Reading

Questions Asked by the FTC in the Privacy Report – Part I

Posted in Uncategorized

Yesterday’s blockbuster Privacy Report released by the Federal Trade Commission (blog post here) is as important for the questions it asked of stakeholders in eliciting public comment as for the recommendations it appears to be making. Since at least a portion of what will end up in the FTC’s final report will depend on the… Continue Reading

FTC Press Conference – Live Blogging

Posted in Uncategorized

FTC Chairman Jon Leibowitz, Jessica Rich, deputy director of the FTC’s Bureau of Consumer Protection, and Edward Felten, the FTC’s incoming chief technologist, held a press conference earlier this afternoon on the Consumer Privacy Report.   Alex Howard at Gov20 was blogging the press conference live — read it here.