Data Security Personally Identifiable Information

News & Analysis as of

California Considers Rules For Data Security, Geolocation ­

On Wednesday, August 24, the California state senate (the “Senate”) took action on a bill that would expand the definition of protected personal consumer data to include geolocation and biometric information while also...more

Privacy Tip #49 – Use a Passphrase Instead of a Password

I love to train employees on data privacy and security. It tends to be rather entertaining as I can tell crazy stories about real life scenarios about data breaches or compromises. The stores are quite beneficial, as most...more

Cybersecurity News and Notes – August 2016 #3

In Case You Missed It: Sometimes data breaches crop-up in the most unlikely of places. Last week we learned that the vendor that handles fish and hunting licenses for the states of Idaho, Oregon, and Washington was hacked. ...more

Latest Data Breach Settlement Illustrates Need for Companies to Prioritize Cybersecurity

On Aug. 5, 2016, the New York attorney general, Eric Schneiderman, announced a $100,000 settlement with an e-retailer following an investigation of a data breach that resulted in the potential exposure of more than 25,000...more

Online Contacts and Eyewear Retailer Pays $100,000 Penalty to New York AG for Security Failures

Online retailer Provision Supply LLC (Provision Supply) (operator of EZContactsUSA.com which sells contacts and eye glasses) settled with the New York attorney general last week for its failure to notify its web customers of...more

HIPAA News: HHS Getting Tough On ePHI Data Breaches

On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more

Does Your Organization Collect Geo-Location Information?

Smartphones, smartphone apps, websites, and other connected devices (e.g., “wearables”) increasingly request that consumers provide their geo-location information. Geo-location information can refer to general information...more

Employment Agreements: Current Issues

Employment agreements are not unusual, particularly for managers and executives. As new laws come into existence and as the work environment is changed by data and data security, drafting adequate, enforceable agreements can...more

Best Practices For Implementing Internal Security Controls

Many security risks can be avoided or mitigated by implementing sufficient internal security controls which are tailored to the organization’s size, needs, and specific industry. The Federal Trade Commission (“FTC”) sets...more

Nebraska and Illinois Update Breach Notice Requirements

The data breach notification laws for Nebraska and Illinois have been updated to expand the definition of “personal information” to include usernames and email addresses in combination with a password or security question...more

Colorado Student Data Privacy Bill – What EdTech software providers need to know

Colorado is the latest state to revisit, and expand upon, its laws pertaining to the use and protection of student data. Colorado Governor John Hickenlooper recently signed into law House Bill 16-1423 (the “Bill”) designed to...more

IRS Issues New Requirements for IVES Participants

On June 23rd, the IRS dropped a bombshell on the lending industry. As of Midnight on July 1, 2016, many lenders will no longer be able to verify directly borrower income except through snail mail. If the IRS sticks to its...more

Cybersecurity News & Notes – June 2016 #3

In Case You Missed It: Illinois strengthened its data privacy and security law, with the amendments going into effect in January 2017. The amendments include expanding the definition of “personal information” to include a...more

The Paper Trail: The Potential Data-Breach Sitting in your Printer

In April 2016, the sensitive personal medical information of NFL players was stolen from the car of a trainer who had left the files in a backpack in his locked car. In 2014, Safeway, Inc. settled charges brought by the...more

FTC Staff Tackle FCC Privacy Rules in Public Comment

As the Federal Communications Commission sifts through over 50,000 comments received in response to its proposed broadband privacy rules, the Federal Trade Commission’s comments are likely to stand as a highlight. In a...more

Hacked and Left Holding the Bag - Cyber Liability Issues

If you read any newspaper, trade publication or twitter feed, you know that ongoing concerns regarding cyber security continue to grow. We have seen an article in the New York Times discussing hacking of major law firms with...more

Laws Governing Data Security and Privacy – U.S. Jurisdictions at a Glance (updated for 2016)

The attached chart constitutes a summary of the laws of various jurisdictions that govern data breach notifications....more

Data Privacy Considerations for Starting or Evaluating a Bounty Program

Data security officers typically look for security risks by monitoring reports from automated security systems, listening to employees’ reports of security issues, and/or auditing IT systems. There is a great deal of debate,...more

Employee Data Security: Perquisite or Prerequisite?

One of the many costs of doing business in this day and age is the threat of a data breach. In the past several years data breach incidents have occurred with increasing frequency. From Target to eBay and Sony to Ashley...more

Top Takeaways from DWT’s April 26 Open Internet Webinar

As the communications industry anxiously awaits a decision from the U.S. Court of Appeals for the D.C. Circuit on the judicial challenge to the Federal Communications Commission’s Open Internet rules, the Commission is...more

Newest Ponemon study released on health care data breaches

The Ponemon Institute has recently released its Sixth Annual Benchmark Study on Privacy & Security of Healthcare Data. The study has included business associates for the past two years. The study included information received...more

Stop Faxing

I’ve long thought that sending faxes was a pretty silly means of communication. Don’t send me a fax. I don’t want it. At some point I’m hoping that even my kids’ doctor’s office will get dragged into the 20th century and...more

Continuing Data Security Lessons from the SEC

In September, we reported that the Securities and Exchange Commission (SEC) settled charges against a registered investment adviser for a violation of Rule 30(a) of Regulation S-P (17 C.F.R. 248.30(a))(“Safeguards Rule”) for...more

Class Certification Improper in Data Breach Case, PA Appellate Court Finds

The Pennsylvania Superior Court has affirmed a trial court's decision denying class certification in a data breach case against two health plans, reversing its own earlier ruling in the same case that the plaintiff did not...more

FCC Proposes Indiscriminate PII Definition in Privacy NPRM

In addition to a bothersome “breach” definition, the Federal Communications Commission (“FCC”), in its April 1, 2016 Notice of Proposed Rulemaking (“NPRM”) concerning ISP privacy regulation, proposes a sweeping definition of...more

257 Results
|
View per page
Page: of 11
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×