Privacy Consumer Protection Administrative Agency

Read Privacy Law updates, news, and legal commentary from leading lawyers and law firms:
News & Analysis as of

FTC sued by blogger to release data security guidelines

The Federal Trade Commission (FTC) was sued this week by Philip Reitinger, a fellow blogger and former Deputy Undersecretary of the Department of Homeland Security. He is now President of VisionSpear LLC, an information...more

ONC Releases Updated Guide to Privacy and Security of Electronic Health Information

The Office of the National Coordinator for Health Information Technology (“ONC”) of the U.S. Department of Health and Human Services (“HHS”) recently released Version 2.0 of the Guide to Privacy and Security of Electronic...more

The DOJ’s Cyber Incident “Best Practices” Guidance

The Cybersecurity Unit of the U.S. Department of Justice released in April its “Best Practices for Victim Response and Reporting of Cyber Incidents,” which it says reflects “lessons learned by federal prosecutors while...more

Do You Have a Data Breach Response Plan? U.S. Department of Justice Thinks You Should

In the wake of significant retailer data breaches in 2013 and 2014, and additional significant breaches continuing in 2015, a trend is clearly developing — an expectation of proactive risk identification and mitigation from a...more

The DOJ Sets Out to Establish Standard for Data Security Incident Response and Preparation

Organizations face threats to their data from all fronts, from sophisticated external attacks by hackers to employee error (as the 2015 BakerHostetler Incident Response Report showed). Recognizing the prevalence of these...more

King & Spalding Lawyers Attend DOJ Cybersecurity Industry Roundtable On Data Breaches

On Wednesday, April 29, King & Spalding Partner Phyllis Sumner and Counsel Nick Oldham participated in DOJ’s first Cybersecurity Industry Roundtable regarding data breaches. The Roundtable included several notable DOJ and law...more

DOJ Releases Best Practices for Victim Response and Reporting of Cyber Incidents

Last week, the Cybersecurity Unit of the Department of Justice (DOJ) issued a list of “best practices” for companies concerning preparing for and responding to cyber-attacks. The report details the lessons federal prosecutors...more

ONC-HIT Releases Updated Guide for Privacy and Security of Electronic Health Information

The Office of the National Coordinator for Health Information Technology (ONC-HIT) released version 2.0 of its Guide to Privacy and Security of Electronic Health Information (the Guide). While the Guide clearly states that it...more

Consent to Disclose Information in Response to a Consumer Complaint – Guidance from Canada

Not infrequently, customers may resort to consumer affairs columnists and other third parties, such as consumer advocacy groups, in order to resolve issues that they are having. In these circumstances, is there implied...more

HHS Settlement: Dumpster-Diving Leads to Settlement for Improper Disposal of Documents Containing Protected Health Information

The U.S. Department of Health and Human Services Office for Civil Rights (HHS) recently announced that it has reached an agreement with a small pharmacy to resolve potential HIPAA violations. The settlement arose from the...more

LabMD Litigation Updates

We have been following this case closely. On April 16, the administrative law judge in the FTC v. LabMD case denied LabMD’s request to exclude the FTC from introducing new evidence into the proceeding regarding how Tiversa...more

Online Advertisers Take Notice – Recent Canadian Decisions

The Office of the Privacy Commissioner (OPC) has released two important decisions this year on online behavioural advertising (OBA or interest-based advertising) so far this year. On March 25, 2015, the OPC released its...more

Washington Amends its State Data Breach Notification Law

On April 13, the Washington State Senate unanimously passed an amendment to the state’s data breach notification law. The amendment, which was requested by Washington Attorney General Bob Ferguson, and which we discussed in...more

The FCC Just Upped the Ante for Communications Providers and the FTC with a $25 Million Fine, a Detailed Information Security...

The FCC has been warning communications companies for months that protecting consumer privacy and information security is a top priority, and the recent announcement of a $25 million settlement with AT&T over its alleged...more

FCC Imposes Record Penalty for Data Breach

On Wednesday, April 8, the Federal Communications Commission (FCC) entered a consent decree and levied a $25 million civil penalty against AT&T to settle a data breach that exposed the information of nearly 280,000 customers....more

Montana And Wyoming Revise Data Breach Notification Laws

The states of Montana and Wyoming recently updated their data breach notification statutes. The revisions include updates to the states’ definitions of personal information subject to breach notification provisions, among...more

FFIEC’s Seven Cybersecurity Priorities for 2015

While others were waiting for spring to arrive, community bank officers and directors were waiting for the Federal Financial Institutions Examination Council (FFIEC) to provide additional guidance on its cybersecurity...more

OCR’s Enforcement of HIPAA’s Privacy and Security Rules Continues with Robust 2014

With the news of the recent cyber-attack and resulting data breach at health insurance giant Anthem Inc., the buzz around data security and privacy is again high. The Anthem breach serves as a reminder to those entities...more

Update on State Attorneys General: Connecticut Creates a Permanent Privacy Department; NAAG Covers Big Data, Cybersecurity, and...

The federal government may be pushing a cybersecurity and data privacy agenda, but that doesn’t mean that the states are taking a back seat. The state attorneys general are maintaining their focus on issues relating to...more

Guest Blog Post: Changes to the Polish Data Protection Act

On 1st January 2015 amendments to the Polish Data Protection Act of 29th August 1997 came into force. These amendments (the “Amendments”) impact: (i) the role played by the “administrator bezpieczenstwa informacji,” (“DPO”)...more

Massachusetts Mortgage Lender Fined For Conducting Business at Unapproved Branch Location

On February 27, the Massachusetts Division of Banks entered into a consent order with a mortgage lender resolving allegations that it violated state and federal regulations. Under the terms of the consent order, the mortgage...more

Why the FTC Can Go After Companies For Insufficient Data Security Allegations

The FTC seems more confident than ever in its authority to go after companies with insufficient data security measures. As of January 2015, it had settled 53 data-security enforcement actions, and FTC Senior Attorney Lesley...more

Another Good Reason to Pay Heed to Cyber Security

For many companies, the prospect of a dreadful, costly and reputation-damaging cyber-attack and data breach is all the motivation they need to assess and improve their cyber security and data protection posture RIGHT NOW. ...more

Third Circuit Hears Oral Argument Over Whether FTC Has Authority To Regulate Data Security

After much anticipation, the Third Circuit heard oral arguments (audio) last Tuesday in the interlocutory appeal in FTC v. Wyndham Worldwide Corp. We have written previously about this case, which likely will be a significant...more

FCA publishes Memorandum of Understanding between the FCA and ICO

On 28 January 2015, the Financial Conduct Authority (FCA) published the Memorandum of Understanding (MoU) which it entered into with the Information Commissioner’s Office (ICO) (dated 29 September 2014)....more

192 Results
|
View per page
Page: of 8

Follow Privacy Updates on:

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×