Data Protection Personally Identifiable Information

News & Analysis as of

Nevada and North Dakota amend state breach notification laws

Nevada has amended its breach notification law, effective July 1, 2015, to include a medical or health insurance identification number and a user name, unique identifier, or e-mail address in combination with a password or...more

With the IRS breach, it’s clear your data is at risk

The Internal Revenue Service (IRS) released on Tuesday, May 26, 2015, news of a major data breach, estimated to have affected 100,000 U.S. households’ tax returns. The data was wrongfully obtained from an IRS application...more

IRS Data Breach Results in Thousands of Fraudulent Tax Returns

On Tuesday, May 26th, 2015, the IRS disclosed that a data breach of its online Get Transcript application occurred when sophisticated hackers attempted to access over 200,000 personal tax accounts. More importantly, however,...more

Healthcare Organizations not Immune from Criminal Attacks on Sensitive Information

This month, the Ponemon Institute released its Fifth Annual Benchmark Study on Privacy & Security of Healthcare Data and its findings are generating a good deal of attention. In the past, the Study has found that most data...more

Government Contracts Quarterly Update - May 2015

The Government Contracts Quarterly Update is published by BakerHostetler’s Government Contracts Practice team to inform our clients and friends of the latest developments in federal government contracting. Topics in the...more

Nevada Broadens Definition of Personal Information for Purpose of Encryption and Breach Notices

On May 13, Nevada passed a new law (A.B. 179) expanding the definition of “personal information” to include a natural person’s first name or initial and last name in combination with: 1) medical and health insurance...more

Nevada Expands Definition of PI for Purposes of the State’s Breach and Safeguards Laws

Nevada’s recently amended law will, among other things, create the first state mandate to encrypt online account credentials. Specifically, on May 13, 2015, Nevada Governor Sandoval approved a bill (“AB 179”) to expand the...more

State AGs’ Interest in Privacy and Cybersecurity – No End in Sight – REDUX (or, if you prefer, we told you so…)

Reed Smith has been closely following the interest and activities of State AGs in the areas of privacy and cybersecurity, and recently blogged on a major NAAG (National Association of Attorneys General) conference in April on...more

Senator Leahy Introduces Data Privacy And Notification Law With Limited Preemption of State Law

On April 30, 2015, Senator Patrick Leahy (D-VT) introduced new data breach legislation. The proposed law would require companies to meet certain consumer privacy and data protection standards and to notify individuals within...more

Protecting Personal Data in China: An Update

Personal data protection legislation has been a widely discussed topic in recent years in China, mainly because employees of institutions that amass personal data of users and clients in the course of their business (such as...more

The Arizona Data Breach Law

Almost all U.S states have laws about data security and what to do when there’s a data breach. Here is what’s in the Arizona law. Who The Law Applies To. The law applies to anyone who conducts business in Arizona and...more

Business information and data processing: tidbits on the draft Code of Conduct

On March 11, 2015 the Italian Data Protection Authority (Garante per la protezione dei dati personali, the “Italian DPA“) initiated a public consultation on the draft Code of Conduct concerning the processing of personal data...more

Consumer Privacy Bill of Rights

The White House released its much anticipated legislative proposal on the Consumer Privacy Bill of Rights Act (CPBRA) that was first floated in 2012. The CPBRA, if enacted (which seems unlikely before 2016), would provide...more

White House Introduces Discussion Draft of Consumer Privacy Bill of Rights

Although most states have enacted some form of data privacy and breach notification laws, and certain federal statutory schemes cover specific industry sectors, there are no privacy protections for all personal data. Given...more

What is a Privacy Policy? – Part 1

A privacy policy is a key legal document in this new era of Big/Data/Breaches. When distilled to its essence, a privacy policy is simply “say what you do, and do what you say” with others’ personal information. A growing...more

China to Implement New Personal Data Protection Rules

Effective March 15, 2015, China’s State Administration for Industry and Commerce (SAIC) will implement the new Measures for Penalties for Infringing upon the Rights and Interests of Consumers (Measures). The Measures clarify...more

Office of Civil Rights Delays Phase 2 Audits

The Office of Civil RIghts (“OCR”) recently announced that Phase 2 of the HIPAA audits would be further delayed because the audit portals and project management tools that are needed to initiate the audit process are not...more

Standing in Data Breach Cases – Still a Moving Target

Where do we stand on standing in data breach cases? It depends on which court you ask. In December 2014, two courts considered whether plaintiffs alleged sufficient injury in their complaints involving well-known data...more

South Korean Communications Commission Releases Guidelines on Data Protection for Big Data

In December 2014, the Korea Communications Commission (KCC) released the“Big Data Guidelines for Data Protection” (Guidelines). Aimed at Information and Communications Service Providers (ICSPs), they are designed to prevent...more

China's State Administration for Industry and Commerce Releases Measures Defining Consumer Personal Information

In January, China’s State Administration for Industry and Commerce (SAIC) released its ‘Measures on Penalties for Infringing Upon the Rights and Interests of Consumers’ (Measures) which are due to take effect March 15, 2015....more

Preparing for a Data Breach – What to Know about Breach Notification

Data breaches are at the forefront of the news, and many companies, including those dominant in the health care industry, have found themselves front and center in the headlines. Although recent news stories have focused...more

How Recent Data Breaches are Changing the Face of Cybersecurity for the Private Sector

If "The Year of the Breach" and the rapid start to data breaches in 2015 have taught us anything, it is that any company is susceptible to a cyber attack; and, while data breaches are not a new concept, the way the private...more

Locke Lord QuickStudy: Attention, Health Insurers: Unique Encryption Requirements in NJ

Setting a new standard for encryption, New Jersey has enacted a new law (P.L. 2014, c. 88, codified at N.J. Stat. Ann. §§ 56:8-196 - 56:8-198) effective August 1, 2015, requiring health insurance carriers authorized to issue...more

The Anthem Data Breach: The Fallout and What’s Next

By now (unless you have been under a snow drift), you have likely heard about the apparent intrusion into a database at the nation’s largest health insurer, Anthem, Inc. Rather than reiterate the facts as currently known...more

Digital Insights & Trends: What Keeps You Up At Night (Round 2) – Data INsecurity

We’re still wide awake, focusing on what keeps us (and our financial institution clients) up at night. Let’s pick up where we left off following our December webinar, but this time address data INsecurity from the perspective...more

306 Results
|
View per page
Page: of 13

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.
×