Data Security Personally Identifiable Information

News & Analysis as of

Does Your Organization Collect Geo-Location Information?

Smartphones, smartphone apps, websites, and other connected devices (e.g., “wearables”) increasingly request that consumers provide their geo-location information. Geo-location information can refer to general information...more

Employment Agreements: Current Issues

Employment agreements are not unusual, particularly for managers and executives. As new laws come into existence and as the work environment is changed by data and data security, drafting adequate, enforceable agreements can...more

Best Practices For Implementing Internal Security Controls

Many security risks can be avoided or mitigated by implementing sufficient internal security controls which are tailored to the organization’s size, needs, and specific industry. The Federal Trade Commission (“FTC”) sets...more

Nebraska and Illinois Update Breach Notice Requirements

The data breach notification laws for Nebraska and Illinois have been updated to expand the definition of “personal information” to include usernames and email addresses in combination with a password or security question...more

Colorado Student Data Privacy Bill – What EdTech software providers need to know

Colorado is the latest state to revisit, and expand upon, its laws pertaining to the use and protection of student data. Colorado Governor John Hickenlooper recently signed into law House Bill 16-1423 (the “Bill”) designed to...more

IRS Issues New Requirements for IVES Participants

On June 23rd, the IRS dropped a bombshell on the lending industry. As of Midnight on July 1, 2016, many lenders will no longer be able to verify directly borrower income except through snail mail. If the IRS sticks to its...more

Cybersecurity News & Notes – June 2016 #3

In Case You Missed It: Illinois strengthened its data privacy and security law, with the amendments going into effect in January 2017. The amendments include expanding the definition of “personal information” to include a...more

The Paper Trail: The Potential Data-Breach Sitting in your Printer

In April 2016, the sensitive personal medical information of NFL players was stolen from the car of a trainer who had left the files in a backpack in his locked car. In 2014, Safeway, Inc. settled charges brought by the...more

FTC Staff Tackle FCC Privacy Rules in Public Comment

As the Federal Communications Commission sifts through over 50,000 comments received in response to its proposed broadband privacy rules, the Federal Trade Commission’s comments are likely to stand as a highlight. In a...more

Hacked and Left Holding the Bag - Cyber Liability Issues

If you read any newspaper, trade publication or twitter feed, you know that ongoing concerns regarding cyber security continue to grow. We have seen an article in the New York Times discussing hacking of major law firms with...more

Laws Governing Data Security and Privacy – U.S. Jurisdictions at a Glance (updated for 2016)

The attached chart constitutes a summary of the laws of various jurisdictions that govern data breach notifications....more

Data Privacy Considerations for Starting or Evaluating a Bounty Program

Data security officers typically look for security risks by monitoring reports from automated security systems, listening to employees’ reports of security issues, and/or auditing IT systems. There is a great deal of debate,...more

Employee Data Security: Perquisite or Prerequisite?

One of the many costs of doing business in this day and age is the threat of a data breach. In the past several years data breach incidents have occurred with increasing frequency. From Target to eBay and Sony to Ashley...more

Top Takeaways from DWT’s April 26 Open Internet Webinar

As the communications industry anxiously awaits a decision from the U.S. Court of Appeals for the D.C. Circuit on the judicial challenge to the Federal Communications Commission’s Open Internet rules, the Commission is...more

Newest Ponemon study released on health care data breaches

The Ponemon Institute has recently released its Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data. The study has included business associates for the past two years. The study included information received...more

Stop Faxing

I’ve long thought that sending faxes was a pretty silly means of communication. Don’t send me a fax. I don’t want it. At some point I’m hoping that even my kids’ doctor’s office will get dragged into the 20th century and...more

Continuing Data Security Lessons from the SEC

In September, we reported that the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for a violation of Rule 30(a) of Regulation S-P (17 C.F.R. 248.30(a))(“Safeguards Rule”) for...more

Class Certification Improper in Data Breach Case, PA Appellate Court Finds

The Pennsylvania Superior Court has affirmed a trial court's decision denying class certification in a data breach case against two health plans, reversing its own earlier ruling in the same case that the plaintiff did not...more

FCC Proposes Indiscriminate PII Definition in Privacy NPRM

In addition to a bothersome “breach” definition, the Federal Communications Commission (“FCC”), in its April 1, 2016 Notice of Proposed Rulemaking (“NPRM”) concerning ISP privacy regulation, proposes a sweeping definition of...more

The CFPB Takes First Enforcement Action Related to Data Security Practices

The Consumer Financial Protection Bureau (CFPB ) has taken its first UDAAP action against a consumer financial service provider related to data security practices. Since its launch in December 2009, Dwolla, Inc. ("Dwolla"),...more

The FCC’s Privacy NPRM: A Closer Look at the Commission’s Legal Authority and Some of Its Proposals

As we have previously advised, the FCC’s proposed rulemaking to “protect the privacy of customers of broadband and other telecommunications services” (the “NPRM”) proposes sweeping changes to the ways that Internet Service...more

Employee Benefit Plans and Data Security Issues

In recent weeks, much of the discussion around a recent Supreme Court case, Gobeille, has focused on ERISA preemption. But for fiduciaries of benefit plans the case can serve as a reminder of important duties that often go...more

Analysis of the FCC’s Proposed Broadband Privacy Regulations

As we highlighted in a post last month, the FCC has proposed sweeping new privacy rules on broadband providers. Since our last post, the FCC has released its proposal in the form of a Notice of Proposed Rulemaking. ...more

Tennessee Amends Its Data Breach Notification Laws

Removes the Encryption Safe Harbor, Limits the Timing of Notice, and Expands “Unauthorized Persons” - Effective July 1, 2016, Tennessee becomes the first state to remove the encryption safe harbor from its data breach...more

Data Security: You Must Know Where the Data Is Located Before You Can Secure It

It is commonplace to turn on the television news and hear of a new data breach from a large retailer or someone else. No one wants the legal problems (not to mention the embarrassment and the hit to reputation) from having...more

251 Results
|
View per page
Page: of 11
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×