Safeguards against Data Security Breaches (Part One)
As more data breaches and information security events occur, the insurance industry will see more disputes over whether losses from these events are covered under commercial general liability (CGL) policies. In the latest...more
2013 was a year in contrasts within data privacy. To begin with the “normal” course, Canada sought (but failed) to pass a mandatory breach notification amendment to its federal privacy law, and Uruguay acceded to the European...more
Ukraine privacy law is undergoing a dramatic shift with its introduction of new legislation, “On Amending Certain Legislative Acts of Ukraine Regarding Improving the System of Personal Data Protection,” enacted on July 3,...more
This fall, Canadian Parliament failed to pass proposed amendments to its federal privacy law that would impose a mandatory breach notification requirement. Bill C-12, originally introduced in 2010 and reintroduced in 2011,...more
The newly revised Consumer Rights and Interests Protection Law of the People’s Republic of China (the Consumer Rights Law, promulgated on October 25, 2013 and becoming effective March 15,2014) is the first revision of China’s...more
The Better Business Bureau (“BBB”) and the Direct Marketing Association (“DMA”) are in charge of enforcing the ad industry’s Self Regulatory Principles for Online Behavioral Advertising (“OBA Principles”), which regulate the...more
Well, the headlines don’t exactly work with the traditional tune, but blame the editor for that...
2013 was a busy year for California. We passed a budget with a surplus, let Kim and Kanye get engaged in one of our...more
Compliance, like many other aspects of the business world, is a balance of risks. Unfortunately, it often takes an organization being rebuked in some fashion before it realizes the importance of failure to be in compliance. ...more
On October 21, 2013, the European Parliament's Committee on Civil Liberties, Justice and Home Affairs (LIBE Committee) held its long-awaited vote and adopted compromise amendments that would modify the...more
On September 13, 2013, Manitoba joined Quebec, British Columbia and Alberta by enacting provincial private sector privacy legislation.
Once it comes into force, Manitoba’s Personal Information Protection and Identity...more
German companies sometimes are required to collect data for legitimate business purposes, including for compliance, to investigate malfeasance, for adjudication of claims and to protect personal data of customers from misuse....more
As of January 1, security breach notifications must be provided to consumers when certain account information is compromised.
On September 27, California Governor Jerry Brown signed into law Senate Bill No. 46 (S.B....more
On Friday, September 27, California governor Jerry Brown signed a bill, S.B. 46, which increases the online protection of potential identity theft for Californians by requiring companies to give notice when a California...more
California is continuing to blaze new trails in the area of online data privacy. Gov. Jerry Brown recently signed into law several new pieces of privacy legislation. The new laws affect all operators of commercial Web sites...more
Cities, Counties, Special Districts and School Districts Must Now Notify Those Impacted by Security Breaches -
Gov. Jerry Brown recently signed Assembly Bill 1149 (AB 1149) and Senate Bill 46 (SB 46) into law,...more
Natural Provisions, Inc., a Vermont health foods grocery chain, agreed to pay $30,000 to settle claims brought by the Vermont attorney general that it failed to notify consumers and the attorney general within the statutory...more
Under the Privacy Rule, an individual has the right to adequate notice of how a covered entity may use and disclose PHI about the individual, as well as his/her rights and the covered entity’s obligations with respect to that...more
North Dakota has amended its Notice of Security Breach for Personal Information statute, North Dakota Century Code Section 51-30 et seq., to expand the definition of “personal information” to include “medical information” and...more
The HHS Office of Civil Rights (OCR) has granted certain clinical laboratories a temporary reprieve from the requirement to update their Notices of Privacy Practices (NPPs) by September 23, 2013, the deadline imposed by the...more
This has been a busy week for the Department of Health and Human Services / Office for Civil Rights (HHS/OCR). It has started releasing guidance on various provisions of the Omnibus HIPAA final rule (the "Final Rule") in...more
Today’s the day! Today marks the long-awaited compliance date for the HIPAA Omnibus Rule.
In case you have put any thoughts of compliance with the Omnibus Rule out of your mind, you can no longer escape.
If you sponsor a group health plan that is subject to the HIPAA Privacy and Security Rules, it is time to review and revise your policies and procedures and re-train your employees regarding the proper procedures when...more
A report recently issued by the California Attorney General reveals that millions of Californians were the victims of a data breach in 2012, mostly due to intentional intrusions by outsiders or by unauthorized insiders....more
If You Care About the Security of Your Online Data or Just Love Charts, This Report is For You -
Californians are a diverse bunch (as you’ve probably gathered from those commercials with Arnold Schwarzenegger), but...more
Scott & Scott, LLP attorney, Brian Von Hatten, suggests organizations should take necessary and required measures to safeguard consumer's personally identifiable information (PII) because of the significant risks and...more
Back to Top