By Breton Leone-Quick Many of the highest-profile and headline-catching data breaches involve external breaches of a company’s electronic systems. But the reality that these headlines obscure is the fact that internal data breaches are generally more prevalent and represent a primary source of concern for data security managers. The legal liability of employers for data… Continue Reading
Uncategorized
Subscribe to Uncategorized RSS FeedFCC Ruling Addresses Robocalls by Health Care Providers
Posted in Privacy Regulation, UncategorizedWritten by Jordan Cohen As we discussed in last week’s Privacy Monday, the Federal Communications Commission (FCC) recently released its Declaratory Ruling and Order clarifying and expanding the reach of the Telephone Consumer Protection Act (TCPA). While the ruling is broad in its subject matter, part of the ruling specifically addresses so-called “robocalls” made by health care providers…. Continue Reading
Controls Coming for Intrusion & Network Surveillance Tools
Posted in Cybersecurity, UncategorizedThe Commerce Department’s export control agency, BIS, has proposed a new rule to control exports of equipment and software designed or modified to perform network intrusion and internet protocol communications surveillance. The proposed controls also cover technology used to develop intrusion software or network communications surveillance systems. “Intrusion software” is defined to include software specially designed or modified… Continue Reading
Privacy Monday - May 18, 2015
Posted in Children, Cybersecurity, Data Breach, Data Breach Notification, Data Compliance & Security, Events and Webinars, Mobile Privacy, Online Advertising, Privacy Monday, Security, UncategorizedIt’s Monday morning — do you know your privacy/security status? Here are a few bits and bytes to start your week. SEC to Registered Investment Advisers and Broker-Dealers: It’s Your Turn to Pay Attention to Cybersecurity The Division of Investment Management of the Securities & Exchange Commission (SEC) has weighed in on cybersecurity of registered investment companies… Continue Reading
Privacy Monday - May 11, 2015
Posted in Children, Employee Privacy, Events and Webinars, Federal Trade Commission, Privacy Monday, UncategorizedOn this Privacy Monday, we have some upcoming events that you might want to add to your calendar. Wednesday, May 13 - Mintz Employment Law Summit (Boston) A discussion of hot topics facing employers, including Privacy in the Workplace. Free event, breakfast and lunch included. Register here. Wednesday, May 13 - National Security, Privacy, and… Continue Reading
Privacy Monday - May 4, 2015: Shaping Up — Update on the EU’s Draft General Data Protection Regulation
Posted in Data Breach, Data Breach Notification, EU Data Protection Regulation, European Union, Events and Webinars, UncategorizedOn this Privacy Monday, we can definitely say that the long winter of our discontent (at least for some of our readers) is over. Happy spring! In case you missed it, last Wednesday we presented the fourth in our Wednesday Webinar series on the progress of the EU draft Data Protection Regulation and what we… Continue Reading
Cross-Device Tracking: The New World
Posted in Data Compliance & Security, Federal Trade Commission, Mobile Privacy, Online Advertising, UncategorizedFacebook does it. Google does it. It’s everywhere in the mobile ad ecosystem. And your smartphone does it more often than you know, according to a study released on Monday by Carnegie Mellon. Now, Federal authorities have turned their attention to cross-device and cross-service tracking of consumers over the last several days and weeks. Speaking at… Continue Reading
Round of 32: Social Media Policies over At-Will Employment
Posted in UncategorizedIf you’ve been following the our sister blog, Employment Matters, then you will understand the headline. If you have not, you should click over there and check out the tournament action on a Friday afternoon while you are … streaming some other things. Social Media Policies won out in the Round of 32… Continue Reading
Precedent and the Price Explain Why Target and the Consumer Class Agreed to an Early Data Breach Settlement
Posted in Class Action Litigation, Data Breach, Data Breach Notification, Privacy Litigation, UncategorizedOn March 18, 2015 – just three months after denial of a motion to dismiss consumer claims arising from Target’s 2013 data breach – Target and the consumer class filed papers seeking approval of a settlement. The proposed settlement agreement creates a $10 million cash fund to be paid out to class members claiming actual damages arising from… Continue Reading
Have you filled out your brackets??
Posted in UncategorizedWhile we’re not in the habit of driving traffic to other blogs, it is always a pleasure to point to one of our Mintz family of blogs doing some great work — the Employment Law Matters blog is hosting a 2015 Employment Law Issues Tournament to go along with your college basketball brackets. 64 employment… Continue Reading
Privacy Monday - March 16, 2015: Unpacking the Obama Administration’s Consumer Privacy Proposal
Posted in Privacy Monday, Privacy Regulation, UncategorizedTaking another “step” toward developing comprehensive privacy legislation, the White House has released a discussion draft of the Consumer Privacy Bill of Rights Act of 2015. The draft reflects the Fair Information Practice Principles (“FIPPs”) long championed by the Obama Administration, and calls on businesses engaged in the collection of consumer information (“covered entities”) to… Continue Reading
ICYMI: Privacy in the Workplace Webinar
Posted in Employee Privacy, Events and Webinars, Privacy Regulation, Social Media, UncategorizedOur 2015 monthly Privacy Issues Wednesday webinar series continued this month with Jennifer Rubin and Gauri Punjabi’s Privacy in the Workplace presentation. Jen and Gauri discussed the latest statutory and common law developments concerning employer monitoring of employee email, access to employee social media accounts, social media policies, and bring your own device (“BYOD”) policies. We… Continue Reading
Cybersecurity Executive Order: Not Much New
Posted in Cybersecurity, Cybersecurity, Data Compliance & Security, UncategorizedPresident Obama’s February 13 Executive Order, “Promoting Private Sector Cybersecurity Information Sharing” (the “EO”), turns out to be light on new measures to improve cybersecurity, but focused heavily on adjustments to prior Executive Orders implementing the rules for handling classified information. This focus introduces concerns about government agencies picking winners and losers in the cybersecurity… Continue Reading
Who’s your role model for EU privacy notices? The latest Google Undertaking
Posted in European Union, Mobile Privacy, Online Advertising, UncategorizedWhen small and mid-size companies start expanding their apps or web presence into Europe, they need to start thinking about EU data protection laws. It’s tempting to take a look at what one or two of the “big guys” do about EU data protection compliance and think that whatever the big guys do in Europe… Continue Reading
REMINDER - Surviving a HIPAA Audit - TOMORROW
Posted in UncategorizedDon’t forget our webinar (rescheduled due to the Blizzard of 2015) on tips to prepare for (and survive) the HIPAA audits that are coming .. Register here!
Privacy Monday - January 26, 2015
Posted in Cybersecurity, Data Breach, HIPAA/HITECH, Legislation, Privacy Monday, Privacy Regulation, UncategorizedGood Monday - The East Coast prepares for Apocalypse (Sn)ow. In the meantime, here are three privacy-related tidbits for your day. Privacy Concerns Cause Scale Back of Release of HealthCare.gov Data We spend a fair amount of time warning about third party vendors and the risk that such vendors can pose to sensitive data. … Continue Reading
For the New Year - A New Mintz Matrix of State Data Breach Notification Laws
Posted in Data Breach, Data Breach Notification, Legislation, Privacy Regulation, UncategorizedMake sure to get your January 2015 Mintz Matrix! Available here for downloading and always linked through the blog right hand navigation bar. Things you will not want to miss: California has significantly amended its breach notification requirements Kentucky’s new data breach law (2014) is expanded effective January 1 As always, this chart is… Continue Reading
Privacy Monday: December 8, 2104 - The Twelve Days of Privacy 2014
Posted in 12 Days of Privacy, Cybersecurity, Data Compliance & Security, EU Data Protection Regulation, Insurance, Legislation, Mobile Privacy, Privacy Litigation, Privacy Monday, Privacy Regulation, UncategorizedOur series last year was a reader favorite, so we decided to put our prognosticator hats on again and present: Rather than look back at 2014, starting tomorrow, the Privacy & Security blog will count down The 12 Days of Privacy, looking ahead to what we might expect in 2015 and what we might… Continue Reading
Thanksgiving and Big Data Visualization
Posted in UncategorizedBig Data can slice and dice just about anything. Big data analytics company, Datawatch, has created two fun demos using turkey and Thanksgiving dinner data. Although the page is promoting a download a 14-day free trial of the company’s software, no download (or registration) is required to see and manipulate the workbooks. First… Continue Reading
Thank You For Your Service — and We Remember
Posted in UncategorizedPrivacy & Security Matters takes a moment today to thank all veterans around the world for your service to your country, and to remember those who have made the ultimate sacrifice. The first shot in what was supposed to be the “war to end all wars” was fired 100 years ago this year, and yet… Continue Reading
California Sets the Curve with New Regulations on Collection and Use of Student Data
Posted in UncategorizedWritten by Jake Romero When one thinks of the use of technology in school, often the first image that comes to mind is of students sending ill-advised Snapchats and making in-app purchases that line the pockets of the Kardashian family, rather than paying attention in geometry. As a tool for teachers, however, online educational tech products… Continue Reading
No news doesn’t mean it’s gone away: Timing Update for the EU Data Protection Regulation
Posted in EU Data Protection Regulation, European Union, Privacy Regulation, UncategorizedWritten by Susan Foster, Solicitor England & Wales/Admitted in California (LONDON) With no major legislative milestones since the March 2014 EU Parliamentary vote endorsing the LIBE draft of the new Data Protection Legislation, observers from outside the EU might understandably wonder whether the legislative process has derailed somehow. But it hasn’t – the train has… Continue Reading
Privacy Monday - June 30, 2014
Posted in Data Breach Notification, Privacy Monday, Privacy Regulation, UncategorizedNot only the last Monday in June, but the last day of June. There are quite a few privacy-related things taking effect tomorrow, July 1. Some reminders: Florida Amendments to Data Breach Notification Law The Florida Information Protection Act of 2014 (“FIPA”) takes effect tomorrow. The FIPA essentially repeals Florida’s existing data breach notification law and… Continue Reading
To our US Readers: Your Privacy & Security Matters Blog Public Service for Thursday, June 26
Posted in Uncategorized
