Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monthly Archives: September 2012

Recommended Reading – BYOD and Reasonable Security

Posted in Data Breach, Data Compliance & Security, Security

Much has been written, in this space and elsewhere, on the concept of “reasonable security” — what constitutes “reasonable security,” how much security is “reasonable,” etc. The entry of the choice of computing devices to the workplace – known as the “bring your own [personal] device” or “BYOD” trend – has also been dissected at length. Companies are… Continue Reading

Hack Attack: US Financial Institutions in the Cross-Hairs

Posted in Data Breach, Identity Theft

Written by Amy Malone. Last week the FBI released a fraud alert warning financial institutions that cyber criminals have been using tactics such as spam and phishing emails to obtain employee log-in credentials. After obtaining the credentials, the hackers initiated wire transfers overseas. A few days after the alert, Bank of America, JPMorgan Chase and… Continue Reading

Beware the Weakest Link: Human Behavior

Posted in Data Breach, Data Breach Notification, Security

Written by Stephen Bentfield. Today’s Washington Post includes a front page article that should serve as a warning to any employer about increasingly sophisticated social engineering attacks that exploit one key vulnerability that is essentially immune to technical solutions: their employees. Social engineering attacks work by exploiting the natural human tendency to trust and thereby… Continue Reading

Apple Shareholders Request Information From Board on Privacy/Security Risk

Posted in Data Breach, Data Breach Notification, Data Compliance & Security

Written by Amy Malone. This week, Apple shareholders requested that its Board of Directors publish a report explaining how the board oversees privacy and data security risks. The proposal, which is available here, was prompted by concern that recent issues such as the unauthorized access to iPhone users’ address books and the release of one… Continue Reading

NLRB to Costco: Your Social Media Policy Needs a Do-Over

Posted in Privacy Regulation

By David M. Katz. There is no denying that the NLRB has recently devoted significant attention to employees’ use of social media. Since August 2011, the Board’s Acting General Counsel, Lafe Solomon, issued three reports outlining his view of how the NLRA applies to employers’ social media policies and employees’ social media postings. Click here… Continue Reading

You’ve Got Mail: Senator Rockefeller Sends Letter to CEOs re: Cybersecurity….Reply Requested

Posted in Data Compliance & Security, Privacy Regulation

Written by Adam Veness. Senator John D. Rockefeller IV (D., W.Va.) recently sent a letter to the CEOs of all Fortune 500 companies asking the companies for more information about their cybersecurity practices. The letter comes a month after Senate Republicans filibustered and blocked a bill that would have established voluntary computer security standards for… Continue Reading

Mass Eye and Ear Infirmary Hit with $1.5M Breach Settlement

Posted in Data Breach, Data Breach Notification, HIPAA/HITECH

Originally posted by Dianne Bourque in Mintz Levin’s Health Law & Policy Matters blog. As the old saying goes, “no good deed goes unpunished….” The most recent, published Office for Civil Rights (OCR) HIPAA enforcement action serves as an important reminder that self-reported breaches can and do lead to investigations and enforcement. Massachusetts Eye and Ear… Continue Reading

Broad new data security rule proposed for federal contractors

Posted in Data Compliance & Security, Privacy Regulation

Written by Jonathan Cain. A new rule proposed for federal government contractors will require that all federal contracts over $100,000 (including contracts for commercial items and those to small businesses) include a clause requiring the contractor to implement basic data security protections for any non-public data provided to the contractor by the… Continue Reading

FTC to Mobile App Developers: Get Privacy Right from the Start

Posted in Data Compliance & Security, Federal Trade Commission, Online Advertising, Privacy Regulation

Mobile app developers have some unique challenges when it comes to preparation and implementation of privacy policies. But regulators have made it quite clear that the general privacy laws and regulations apply whether the application is online or mobile. To refresh your memory, see our Mintz Client Alert (here) regarding the California AG’s agreement with… Continue Reading

AntiSec Hackers Strike Again – UPDATE

Posted in Security

Updated to add link to new PC Magazine article. AntiSec – the hacker group that is the “merger” of Anonymous and Lulzsec – claims to have obtained the unique device identifiers (UDIDs) from 12 million Apple iPhone and iPad users by breaching an FBI computer, and have published more than 1 million of them. Details of the… Continue Reading