Safeguards against Data Security Breaches (Part One)
Well, the headlines don’t exactly work with the traditional tune, but blame the editor for that...
2013 was a busy year for California. We passed a budget with a surplus, let Kim and Kanye get engaged in one of our...more
Compliance, like many other aspects of the business world, is a balance of risks. Unfortunately, it often takes an organization being rebuked in some fashion before it realizes the importance of failure to be in compliance. ...more
On October 21, 2013, the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE Committee) held its long-awaited vote and adopted compromise amendments that would modify the...more
On September 13, 2013, Manitoba joined Quebec, British Columbia and Alberta by enacting provincial private sector privacy legislation.
Once it comes into force, Manitoba’s Personal Information Protection and Identity...more
German companies sometimes are required to collect data for legitimate business purposes, including for compliance, to investigate malfeasance, for adjudication of claims and to protect personal data of customers from misuse....more
As of January 1, security breach notifications must be provided to consumers when certain account information is compromised.
On September 27, California Governor Jerry Brown signed into law Senate Bill No. 46 (S.B....more
On Friday, September 27, California governor Jerry Brown signed a bill, S.B. 46, which increases the online protection of potential identity theft for Californians by requiring companies to give notice when a California...more
California is continuing to blaze new trails in the area of online data privacy. Gov. Jerry Brown recently signed into law several new pieces of privacy legislation. The new laws affect all operators of commercial Web sites...more
Cities, Counties, Special Districts and School Districts Must Now Notify Those Impacted by Security Breaches -
Gov. Jerry Brown recently signed Assembly Bill 1149 (AB 1149) and Senate Bill 46 (SB 46) into law,...more
Natural Provisions, Inc., a Vermont health foods grocery chain, agreed to pay $30,000 to settle claims brought by the Vermont attorney general that it failed to notify consumers and the attorney general within the statutory...more
Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more
North Dakota has amended its Notice of Security Breach for Personal Information statute, North Dakota Century Code Section 51-30 et seq., to expand the definition of “personal information” to include “medical information” and...more
The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more
This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more
Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule.
In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape.
If you sponsor a group health plan that is subject to the HIPAA Privacy and Security Rules, it is time to review and revise your policies and procedures and re-train your employees regarding the proper procedures when...more
A report recently issued by the California Attorney General reveals that millions of Californians were the victims of a data breach in 2012, mostly due to intentional intrusions by outsiders or by unauthorized insiders....more
If You Care About the Security of Your Online Data or Just Love Charts, This Report is For You -
Californians are a diverse bunch (as you’ve probably gathered from those commercials with Arnold Schwarzenegger), but...more
Scott & Scott, LLP attorney, Brian Von Hatten, suggests organizations should take necessary and required measures to safeguard consumer's personally identifiable information (PII) because of the significant risks and...more
Companies doing business in China should take careful notice that China is now paying more attention to personal data privacy collection. This would be an opportune time for private companies to internally review existing...more
Five years after the ALRC recommended that mandatory data breach notification obligations be included in Australian privacy laws, the Privacy Amendment (Privacy Alerts) Bill 2013 (Bill) which addresses this recommendation,...more
Our articles this month focus on health care reform. First, Jim Napoli and Brian Neulander comment on the potential for litigation under the Affordable Care Act's (ACA's) whistleblower protections and ERISA Section 510 as a...more
Lawmakers in Washington, D.C., continue to show interest in understanding and developing regulatory proposals relating to mobile apps. The interest appears to be driven, at least in part, by policymakers’ concerns about...more
Privacy law is once again on the Government’s legislation reform agenda with the introduction recently of the Privacy Amendment (Privacy Alerts) Bill 2013. The Bill if passed will amend the Privacy Act 1988 (Cth) to introduce...more
The FTC posted on its website an updated version of its COPPA FAQs. (The FTC amended its COPPA Rule in December 2012, which we summarized in this Alert.) The deadline for complying with the amended COPPA Rule is July 1, 2013....more