News & Analysis as of

Connecticut Appellate Court Affirms Denial of Coverage Under CGL Policy for Data Breach

As more data breaches and information security events occur, the insurance industry will see more disputes over whether losses from these events are covered under commercial general liability (CGL) policies. In the latest...more

International Privacy - 2013 Year in Review

2013 was a year in contrasts within data privacy. To begin with the “normal” course, Canada sought (but failed) to pass a mandatory breach notification amendment to its federal privacy law, and Uruguay acceded to the European...more

International Privacy - 2013 Year in Review - Ukraine

Ukraine privacy law is undergoing a dramatic shift with its introduction of new legislation, “On Amending Certain Legislative Acts of Ukraine Regarding Improving the System of Personal Data Protection,” enacted on July 3,...more

International Privacy - 2013 Year in Review - Canada

This fall, Canadian Parliament failed to pass proposed amendments to its federal privacy law that would impose a mandatory breach notification requirement. Bill C-12, originally introduced in 2010 and reintroduced in 2011,...more

New PRC Consumer Rights Law fills legal void governing data privacy protections – get ready for 3/15/2014 effective date

The newly revised Consumer Rights and Interests Protection Law of the People’s Republic of China (the Consumer Rights Law, promulgated on October 25, 2013 and becoming effective March 15,2014) is the first revision of China’s...more

BBB Warns Advertisers and Web Publishers to Take Responsibility for Behavioral Advertising Disclosures

The Better Business Bureau (“BBB”) and the Direct Marketing Association (“DMA”) are in charge of enforcing the ad industry’s Self Regulatory Principles for Online Behavioral Advertising (“OBA Principles”), which regulate the...more

On the Second Day of Privacy, California Gave to Me……

Well, the headlines don’t exactly work with the traditional tune, but blame the editor for that... 2013 was a busy year for California. We passed a budget with a surplus, let Kim and Kanye get engaged in one of our...more

The Challenges of Compliance

Compliance, like many other aspects of the business world, is a balance of risks. Unfortunately, it often takes an organization being rebuked in some fashion before it realizes the importance of failure to be in compliance. ...more

European Parliament Adopts Compromise Amendments on Data Protection Regulation

Introduction - On October 21, 2013, the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE Committee) held its long-awaited vote and adopted compromise amendments that would modify the...more

Manitoba’s Private Sector Privacy Law – Similar to Alberta’s Law, but Important Differences Exist

On September 13, 2013, Manitoba joined Quebec, British Columbia and Alberta by enacting provincial private sector privacy legislation. Once it comes into force, Manitoba’s Personal Information Protection and Identity...more

Obtaining German Works Council Approval to Collect Employee E-Mail and Electronic Documents Using EnCase® Enterprise and EnCase®...

German companies sometimes are required to collect data for legitimate business purposes, including for compliance, to investigate malfeasance, for adjudication of claims and to protect personal data of customers from misuse....more

New California Law Protects Online Account Information

As of January 1, security breach notifications must be provided to consumers when certain account information is compromised. On September 27, California Governor Jerry Brown signed into law Senate Bill No. 46 (S.B....more

California Data Breach Notification Laws Expand to Include Login Information

On Friday, September 27, California governor Jerry Brown signed a bill, S.B. 46, which increases the online protection of potential identity theft for Californians by requiring companies to give notice when a California...more

California Enacts Several Pieces of New Privacy Legislation

California is continuing to blaze new trails in the area of online data privacy. Gov. Jerry Brown recently signed into law several new pieces of privacy legislation. The new laws affect all operators of commercial Web sites...more

New Law Requires Local Public Agencies in California To Notify Anyone Affected by a Security Breach

Cities, Counties, Special Districts and School Districts Must Now Notify Those Impacted by Security Breaches - Gov. Jerry Brown recently signed Assembly Bill 1149 (AB 1149) and Senate Bill 46 (SB 46) into law,...more

Vermont Grocery Store Agrees to Settlement with Attorney General for Alleged Violation of State Data Breach Response Laws

Natural Provisions, Inc., a Vermont health foods grocery chain, agreed to pay $30,000 to settle claims brought by the Vermont attorney general that it failed to notify consumers and the attorney general within the statutory...more

OCR Releases Model Notices of Privacy Practices

Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more

North Dakota Breach Notification Law - Personal Information Includes Health Information

North Dakota has amended its Notice of Security Breach for Personal Information statute, North Dakota Century Code Section 51-30 et seq., to expand the definition of “personal information” to include “medical information” and...more

OCR Delays Required Changes to Notices of Privacy Practices for Laboratories

The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more

It's Never Too Late To Give Guidance: OCR Starts Releasing HIPAA Omnibus Rule Guidance In Anticipation Of September 23 Compliance...

This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more

Privacy Monday – September 23, 2013: Today Is HIPAA Compliance Day – 5 Things That You Should Have Done

Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule. In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape. Here...more

Breach Notification: New Rules!

If you sponsor a group health plan that is subject to the HIPAA Privacy and Security Rules, it is time to review and revise your policies and procedures and re-train your employees regarding the proper procedures when...more

California Attorney General’s Report Reveals Millions Affected By Data Breaches In 2012

A report recently issued by the California Attorney General reveals that millions of Californians were the victims of a data breach in 2012, mostly due to intentional intrusions by outsiders or by unauthorized insiders....more

California AG Releases Report on 2012 Data Breaches

If You Care About the Security of Your Online Data or Just Love Charts, This Report is For You - Californians are a diverse bunch (as you’ve probably gathered from those commercials with Arnold Schwarzenegger), but...more

The Costs of Data Breach

Scott & Scott, LLP attorney, Brian Von Hatten, suggests organizations should take necessary and required measures to safeguard consumer's personally identifiable information (PII) because of the significant risks and...more

115 Results
|
View per page
Page: of 5