Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monthly Archives: May 2012

Vermont Updates Data Breach Notification Law

Posted in Data Breach Notification, Privacy Regulation

Written by Amy Malone Effective as of May 8, 2012, Vermont’s updated data breach law (Act 109) brings along several changes.  The biggest change is in the notification requirements.  Notification to consumers must now occur no later than 45 days after discovery of the incident and must include the approximate date of the security breach… Continue Reading

UK Cookie Law “Grace Period” Expires — Enforcement to Begin

Posted in Data Compliance & Security, Privacy Regulation

While those of us in the United States were observing Memorial Day and enjoying the unofficial start of summer, the grace period from enforcement of the UK “Cookie Law” expired on Sunday, May 27th.   Accordingly, websites must now officially obtain “informed consent” from visitors before saving cookies on a machine.    The reach of… Continue Reading

FTC v. Myspace Part II — The Takeaways

Posted in Data Compliance & Security, Federal Trade Commission, Online Advertising, Privacy Litigation, Privacy Regulation

The FTC has again provided us with a road map to compliance through the Myspace consent order.   Here are the takeaways that should concern every company with an online presence. Keeping the FTC Out of Your Space — The Takeaways Much can be learned from how the FTC has evaluated the adequacy of Myspace’s privacy policy… Continue Reading

Does an employer invade an employee’s privacy by accessing and reviewing the employee’s email?

Posted in Employee Privacy, Privacy Litigation

A recent Massachusetts Superior Court decision, Falmouth Firefighters Union v. Town of Falmouth, answers “no.” Our colleagues over at the Mintz Levin Employment Matters blog have posted an analysis of this interesting decision and the takeaways for employers — particularly Massachusetts employers. Read more here.  

Ignorance of HIPAA Provisions No Excuse


As the old canard goes:  “Ignorance of the law is no excuse.” The Ninth Circuit agrees, particularly when it comes to misdemeanor charges under HIPAA for “wrongful disclosure.”     Our colleagues at the Mintz Health Law & Policy Matters blog tell the story here.  

FTC Warns: Practice What You Promise – Part 1

Posted in Federal Trade Commission, Privacy Regulation

The Federal Trade Commission has issued yet another warning to companies operating online:  make sure your privacy policy is not making promises that you cannot (or do not) keep. Recently, the FTC entered into an agreement with Myspace and issued a consent order to settle a complaint it filed against the social networking website. This post… Continue Reading

Navigant: Reports of Data Breaches On the Increase Across Industries

Posted in Data Breach, Data Breach Notification, Data Compliance & Security, HIPAA/HITECH, Privacy Regulation, Security

Navigant recently published the latest update of its comprehensive Information Security and Data Breach Report, which adds yet another analytic view of the data breach picture.   And the view is not a pretty one.   You can get a copy of the report here. Some of the “highlights”: Healthcare entities again accounted for the largest percentage… Continue Reading

Symantec: Malicious Cyber Attacks Increased by 81 Percent in 2011 and Data Breaches Up

Posted in Data Breach, Data Breach Notification, Data Compliance & Security, Identity Theft, Security

Symantec has released its annual Internet Security Threat Report, and the numbers are astounding.  According to the report, malicious attacks on networks skyrocketed by 81 percent in 2011.    The report also highlights that advanced persistent threats, known as APT attacks, are spreading to organizations of all sizes, with the number of daily APT attacks increasing… Continue Reading