Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monthly Archives: July 2013

And the hits keep on coming……..

Posted in Data Breach

The ”hits” to data bases, in any event.   Here is a rundown of some of the most recent data breach reports – Oregon Health & Science University Data Breach Compromises 3,000 Patients’ Records in the Cloud. Modern Healthcare (subscription may be required) reports that the Oregon Health & Science University announced it is “notifying more than… Continue Reading

Privacy Monday – July 29, 2013

Posted in 201 CMR 17.00, Cybersecurity, Data Breach, Data Breach Notification, European Union, Privacy Monday

Privacy goofs, gaffes and tidbits for the last Monday in July —   NSA Surveillance Causes More Grief –Germany Calls for a Stop to Safe Harbor:  Time for Binding Corporate Rules?  According to news sources the federal and state German data protection commissioners late last week sent a letter to German Chancellor Angela Merkel, requesting… Continue Reading

Survey Says: Fortune 500 Disclosing Cyber Risks

Posted in Cybersecurity

Written by Adam Veness Ever since our 2013 prediction, an ever increasing number of public companies are adding disclosure related to cybersecurity and data breach risks to their public filings.  We previously analyzed how the nation’s largest banks have begun disclosing their cybersecurity risks.   Now, it appears that the rest of the Fortune 500 companies… Continue Reading

Privacy Monday – July 22, 2013

Posted in Online Advertising, Privacy Monday

Privacy gaffes and tidbits to start your week.   Keeping up with Kardashians is NOT a defense under HIPAA [Originally posted in Mintz Levin's Health Law & Policy Matters Blog] Written by Dianne Bourque The LA Times recently reported the firing of six workers at Cedars-Sinai Medical Center in connection with the unauthorized access to patient… Continue Reading

American Bar Association’s Blawg 100 — Please Vote!

Posted in Uncategorized

The American Bar Association Journal is compiling a list of the 100 best legal blogs of 2013 and is inviting readers to submit nominations. Click the voting button below to submit a nomination for Mintz Levin’s Privacy and Security Matters Blog. Submissions are accepted through August 9, so please vote!

Avoid an International Conflict of Laws: Court-Ordered Customer Consent

Posted in Privacy Litigation

Cross-border discovery issues and competing data privacy laws are some of the most vexing issues in international litigation, particularly when bank secrecy laws are implicated.   Mintz Levin partner David Barres addresses the discovery of information shielded by foreign bank-secrecy law – specifically, situations where a bank faces conflicting obligations under US law (requiring disclosure of bank… Continue Reading

The New Mintz Matrix Is Here!

Posted in Data Breach Notification

Or as Navin R. Johnson might say …….  * Our updated Mintz Levin State Data Breach Notification Matrix (fondly known as the “Mintz Matrix”) is available here.   We update this resource quarterly, or as events dictate.    Legislatures have been quiet on the data breach notification front since the end of 2012.   Since our last update,… Continue Reading

Privacy Monday

Posted in Uncategorized

Breaches, lawsuits and legislation this Monday, July 15   Programming Error Leads to “Low Tech” Data Breach at Indiana Family and Social Services Administration Although it started with a programming error, the breach itself was paper document.  Apparently, a programming error led to the accidental disclosure of personal information of Indiana residents to other clients… Continue Reading

NIST Issues Guidelines on Mobile Security

Posted in Mobile Privacy

The National Institute of Standards and Technology (NIST) has issued guidelines to help federal agencies manage and secure mobile devices used by their employees for government business. A valuable resource on enterprise mobile device security for all businesses, not just federal agencies, the guidelines are designed to be used by CIOs, CISOs, and other information security… Continue Reading

REMINDER – HIPAA Omnibus Rule Compliance Webinar


Hospital?  Health care provider?  Service provider to either a hospital or other health care provider?    You’ll want to listen in to our HIPAA Omnibus Rule Compliance webinar — details here Topics covered by the webinar include: What to do if you currently have a comprehensive, effective program What to do if your compliance program consists… Continue Reading

FCC: Carriers Must Protect Certain Data Collected on Mobile Handsets

Posted in Mobile Privacy

Written by Ernie Cooper  Aiming to “address the real privacy and security risks that consumers face when telecommunications carriers use their control of customers’ mobile devices to collect information about their customers’ use of the network,” the Federal Communications Commission (FCC) has adopted a Declaratory Ruling holding that the existing rules requiring carriers to protect customer… Continue Reading

Privacy Monday – Privacy Bits and Bytes to Start Your Week

Posted in Uncategorized

UK Regulators Tell Google:  Rewrite that Privacy Policy — Or Else It’s been clear since last year that many European data protection regulators were very unhappy with Google’s “new” privacy policy.   The UK Information Commissioner’s Office has now joined its counterparts in France and Spain in ordering Google to amend its privacy policy by September… Continue Reading

California AG Releases Report on 2012 Data Breaches

Posted in Data Breach Notification, Privacy Regulation

Written by Jake Romero If You Care About the Security of Your Online Data or Just Love Charts, This Report is For You Californians are a diverse bunch (as you’ve probably gathered from those commercials with Arnold Schwarzenegger), but apparently there is something that 2.5 million of us all have in common.  California Attorney General… Continue Reading

Privacy Monday

Posted in Uncategorized

Privacy Tidbits to start your week     The Risk-Benefit Analysis of BYOD As we have written in the past, the proliferation of the “bring your own device” (BYOD) trend is a high-wire balancing act for IT and privacy professionals.    What happens when employees leave the workplace with company assets on those devices that… Continue Reading