Data Protection Personally Identifiable Information

News & Analysis as of

Commission on Enhancing National Cybersecurity Releases Report

On December 1, the nonpartisan Commission on Enhancing National Cybersecurity (Commission) released a report on securing and growing the national economy. This report includes six imperatives for enhancing cybersecurity (and...more

Data Security for Employers: An Update

Employers store, manage, and share sensitive data about employees. The Navigator and other commentators have written a lot about issues related to personally identifiable information, health-related data, and employee...more

New FTC Data Breach Response Guidelines

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

FTC Publishes Data Breach Response Guidelines

Whether resulting from a planned cyberattack or mere carelessness, data breaches are on the rise. In 2015, 781 data breaches were reported across the United States, with the average breach costing $3.8 million. In 2016, the...more

FINRA Fines Lincoln Financial Group $650,000

A Lincoln Financial Group subsidiary has agreed to accept a $650,000 fine levied against it by the Financial Industry Regulatory Authority (FINRA) and to implement more robust security controls for a 2012 hacking that...more

Data Breach Decision Points: Part 8

The best way for a company to handle a data breach is to be prepared. As we discuss in our data breach readiness handbook, preparation includes, among other things, drafting an incident response plan, reviewing...more

Adobe Reaches $1M Settlement with 15 States Related to 2013 Data Breach of Customer Data

Last week, attorneys general in 15 states announced a $1 million settlement with Adobe Systems Inc. (“Adobe”), concluding a multistate investigation related to a 2013 breach of Adobe customer data. The breach, which was...more

Feeling Lost in a Storm After Suffering a Data Breach?

When faced with a data breach, it’s easy for companies to feel like they’re attempting to navigate a storm without a rudder. To provide a guiding light to companies, the Federal Trade Commission (“FTC”) recently issued...more

How The FTC Guides Businesses Through Data Breaches

The Federal Trade Commission (“FTC”) recently released a data breach guide for businesses, along with a video and blog to help companies following the immediate aftermath of a data breach. The FTC also provides a model data...more

California Amends Data Breach Notification Law to Require Notification of Breach of Encrypted Personal Information When Encryption...

On September 13, 2016, California Governor Jerry Brown signed into law AB 2828, an amendment to the law that requires businesses to disclose data breaches to California residents whose personal information has been...more

Confusing Joint Guidance published by OCR and FTC on HIPAA Authorization Forms

There are arguments that there is a dearth of guidance by both the Office for Civil Rights (OCR) and Federal Trade Commission (FTC), so when guidance comes out, we listen. But the most recent guidance jointly issued by the...more

Privacy Tip #58 – Distrust Social Media? Almost All Americans Do, But Still Use Them

A recent nationwide poll conducted by The Rad Campaign and Lincoln Park Strategies shows that although 96 percent of American social media users distrust the ability of social media platforms to protect their personal...more

HHS Publishes New Guidance on HIPAA and Cloud Computing

The U.S. Department of Health and Human Services Office for Civil Rights (OCR) has issued a new guidance regarding HIPAA compliance and the use of cloud computing solutions. The guidance is intended to assist covered entities...more

Fenwick Privacy Bulletin - Fall 2016

Privacy Shield – An Early Reflection - EU law generally prohibits the transfer of personal data from the European Economic Area to the U.S., unless the transfer is made in accordance with an authorized data transfer...more

Asia-Pacific Data Flow

On October 19, the US Department of Commerce and the Personal Information Protection Commission of Japan announced their commitment to expand the Asia-Pacific Economic Cooperation (APEC) Cross Border Privacy Rules (CBPR)...more

California Updates Data Breach Notification Statute for 2017

California, which has historically been one of the states at the vanguard of data breach notification issues, has made an update to its statute that takes effect on January 1, 2017. The update will require companies to notify...more

Small-Breach Focus Shows Growing Scope Of HIPAA Probes

Flexing yet more enforcement muscle under the Health Insurance Portability and Accountability Act, on Aug. 18, 2016, the U.S. Department of Health and Human Services Office for Civil Rights announced that it will more widely...more

Big Data, Big Risk? Privacy and Security Tips for Fintech Companies

Many fintech companies collect and process vast amounts of data in order to provide financial services quickly and inexpensively. Much of this data is highly sensitive personal information such as date of birth, social...more

Privacy Tip #51 – Check Up on Your Tax Preparer’s Data Security Measures

We have written before about the ability of hackers to file false tax returns to get fraudulent refunds by using the IRS website, and how hundreds of thousands of Americans have become victims of tax fraud. The IRS...more

California Considers Rules For Data Security, Geolocation ­

On Wednesday, August 24, the California state senate (the “Senate”) took action on a bill that would expand the definition of protected personal consumer data to include geolocation and biometric information while also...more

Privacy Tip #49 – Use a Passphrase Instead of a Password

I love to train employees on data privacy and security. It tends to be rather entertaining as I can tell crazy stories about real life scenarios about data breaches or compromises. The stores are quite beneficial, as most...more

Illinois Revises Data Privacy Statute

Earlier this year, Illinois enacted a number of changes to the Illinois Personal Information Protection Act (“PIPA”). The amendments to PIPA, among other things, expand the definition of personal information subject to...more

Potential Risks and Rewards of Cybersecurity Information Sharing Under CISA

When President Obama signed into law the Cybersecurity Act of 2015, which was designed to facilitate information sharing on cybersecurity threats between the public and private sectors, proponents hailed it as “our best...more

BYOD Risks under HIPAA – Does Your HIPAA Compliance Program Adequately Address the Ever Increasing Use of Portable Electronic...

Many U.S. employers are now allowing employees to use their own personal handheld devices and laptop computers for work-related purposes. As the age of employer-provided devices is coming to an end and “bring your own device”...more

Data Breach Incident Response: 5 Questions to Ask and New Laws to Know Now

The spring legislative sessions this year brought a now-familiar round of revisions to data breach notification laws, with states broadening their laws in often divergent ways. This year, Illinois, Nebraska, and Tennessee...more

520 Results
|
View per page
Page: of 21
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×