Written by Amy Malone Effective as of May 8, 2012, Vermont’s updated data breach law (Act 109) brings along several changes. The biggest change is in the notification requirements. Notification to consumers must now occur no later than 45 days after discovery of the incident and must include the approximate date of the security breach… Continue Reading
While those of us in the United States were observing Memorial Day and enjoying the unofficial start of summer, the grace period from enforcement of the UK “Cookie Law” expired on Sunday, May 27th. Accordingly, websites must now officially obtain “informed consent” from visitors before saving cookies on a machine. The reach of… Continue Reading
A recent Massachusetts Superior Court decision, Falmouth Firefighters Union v. Town of Falmouth, answers “no.” Our colleagues over at the Mintz Levin Employment Matters blog have posted an analysis of this interesting decision and the takeaways for employers — particularly Massachusetts employers. Read more here.
As the old canard goes: “Ignorance of the law is no excuse.” The Ninth Circuit agrees, particularly when it comes to misdemeanor charges under HIPAA for “wrongful disclosure.” Our colleagues at the Mintz Health Law & Policy Matters blog tell the story here.
Navigant recently published the latest update of its comprehensive Information Security and Data Breach Report, which adds yet another analytic view of the data breach picture. And the view is not a pretty one. You can get a copy of the report here. Some of the “highlights”: Healthcare entities again accounted for the largest percentage… Continue Reading
Symantec has released its annual Internet Security Threat Report, and the numbers are astounding. According to the report, malicious attacks on networks skyrocketed by 81 percent in 2011. The report also highlights that advanced persistent threats, known as APT attacks, are spreading to organizations of all sizes, with the number of daily APT attacks increasing… Continue Reading