Personally Identifiable Information

News & Analysis as of

Latest Data Breach Settlement Illustrates Need for Companies to Prioritize Cybersecurity

On Aug. 5, 2016, the New York attorney general, Eric Schneiderman, announced a $100,000 settlement with an e-retailer following an investigation of a data breach that resulted in the potential exposure of more than 25,000...more

The Pitfalls of Using Technology to Improve Compliance Effectiveness; Cecelia Jefferson Explains [PODCAST]

Everybody has the intention of being committed to compliance, but when resources need to be devoted to compliance, the company’s true commitment comes into focus. Cecelia Jefferson is a strategic, multi-talented...more

3.3 Million Health Records Breached by Business Associate Newkirk

Newkirk Products Inc., which provides ID cards and management services for healthcare organizations, including multiple Blue Cross Blue Shield organizations, has announced that it has discovered that its computer system was...more

Final Order against Practice Fusion Approved by FTC

On August 16, 2016, the Federal Trade Commission (FTC) approved the final order resolving its privacy complaints against Practice Fusion. The complaint alleged that Practice Fusion “misled consumers by soliciting reviews for...more

HEI Hotels & Resorts Investigating Malware Intrusion

HEI Hotels & Resorts (HEI), which include Hyatt, Sheraton, Marriott and Westin Hotels have notified individuals who purchased food and beverages at 20 locations in 10 states and the District of Columbia that their credit card...more

Plaintiffs Cannot Bring Data Breach Lawsuits Without Evidence That Information Will Be Used To Harm

The latest development in how American courts will handle the standing question for data breach class actions came last week when the U.S. District Court for the District of Columbia dismissed for lack of standing a putative...more

Top Privacy Cases of 2016: Midyear Report

Law360, New York (July 1, 2016, 12:12 PM ET) -- The U.S. Supreme Court made a big splash this year establishing a murky threshold for standing that has already been widely cited by both sides of the bar, while consumers...more

Online Contacts and Eyewear Retailer Pays $100,000 Penalty to New York AG for Security Failures

Online retailer Provision Supply LLC (Provision Supply) (operator of EZContactsUSA.com which sells contacts and eye glasses) settled with the New York attorney general last week for its failure to notify its web customers of...more

Recent Amendments To State Security Breach Notification Laws

Security breach notification obligations vary by state, including how a security breach is defined, the method for providing notice of the breach, and any requirements to notify state regulators. The following summarizes...more

DOE Issues Updated Guidance on Homeless Students

The Department of Education recently issued three pieces of guidance, including detailed non-regulatory guidance, a student fact sheet, and a “Dear Colleague” letter, all of which address meeting the needs of homeless...more

Illinois’ Largest Health System Agrees to Stringent HIPAA Breach Settlement

The Department of Health and Human Services Office for Civil Rights (OCR) announced on August 4, 2016, a settlement agreement with Advocate Health Care Network, an integrated healthcare system with ten hospitals and a...more

HIPAA News: HHS Getting Tough On ePHI Data Breaches

On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more

Banner Health Begins to Notify 3.7 Million Patients This Week of Data Breach From Cyberattack

Phoenix, Arizona, based Banner Health (Banner), reportedly one of the largest health care organizations in the country, began notifying up to 3.7 million patients this week of a data breach of its computer systems that...more

What Can Go Wrong When You Offer Public Internet Access

By providing public internet access, a business owner may find that he or she is responsible for activity conducted by patrons who use that access. While this area of law is still very much unsettled, a business owner may be...more

Illinois Revises Data Privacy Statute

Earlier this year, Illinois enacted a number of changes to the Illinois Personal Information Protection Act (“PIPA”). The amendments to PIPA, among other things, expand the definition of personal information subject to...more

"Privacy & Cybersecurity Update - July 2016"

In this edition of our Privacy & Cybersecurity Update, we discuss the revised Privacy Shield and what companies should be doing to prepare for the new program, the FTC's reinstatement of its LabMD case, the European...more

Food and Beverage Law Update: August 2016

When food and beverage companies think of their largest risks, data breaches have not historically come to mind, but this is changing because of reports in the past few months of major breaches by companies such as Noodles &...more

In re Nickelodeon Consumer Privacy Litigation: An IP Address is Not Always Personally Identifiable Information

What’s the Case About? In re Nickelodeon Consumer Privacy Litigation is a multi-district consolidated class action filed on behalf of children under the age of thirteen alleging that Viacom used child directed websites it...more

Athens Orthopedic Clinic’s EMR compromised by hackers using vendor’s log-in credentials

Athens Orthopedic Clinic in Georgia reported on July 25, 2016, that a hacker gained access to its electronic medical record system at the end of June using the log-in credentials of a third-party vendor....more

Behavioral health provider StarCare Specialty notifies 2,900 patients of breach of PHI

StarCare Specialty Health System, located in Lubbock, Texas, is notifying 2,900 patients “who received Intellectual Developmental Disabilities program services, Behavioral Health program services, and Therapeutic Treatment...more

Illinois voter registration database hacked

The Illinois State Board of Elections has notified voters that its online voter registration site has been hacked. According to the letter sent to Illinois voters by the Board of Elections, “We have found no evidence...more

Is Ransomware a Notifiable Data Breach Event?

There is no doubt that companies face unprecedented volume and variation in both disruptive and intrusive cyberattacks on their networks. Among the different attack methodologies today, ransomware is quickly becoming a major...more

U.S. Court in Louisiana Remands Advance Stores Co. Data Breach Class Action to State Court

In a case with a familiar fact pattern, the United States District Court for the Eastern District of Louisiana refused to find that permitting Plaintiff to proceed in Louisiana state court was “futile” on Article III standing...more

Judge seals transcript of Title IX hearing

A federal judge in North Carolina sealed a transcript of a University of North Carolina (UNC) hearing to determine whether the plaintiff was responsible for committing sexual acts without consent. In the case in question, the...more

See You In Court! - July/August 2016

Out of the blue, Nancy Newshound, longtime reporter for the Nutmeg Bugle called Mr. Superintendent. “I understand that a student hacked the district’s system and changed a bunch of grades,” she stated. “What can you tell me...more

1,348 Results
|
View per page
Page: of 54
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×