Personally Identifiable Information Data Security

News & Analysis as of

California Attorney General 'Crowdsources' Reporting of Privacy Policy Violations

This initiative by the Attorney General is effective immediately and is just the latest example of California’s effort to increase enforcement of laws aimed at protecting the privacy and data security of individual consumers....more

Five Takeaways: Is Anything Private Anymore? Privacy Considerations for Social Media, Sweepstakes & More

Barry M. Benjamin, partner in the New York office and chair of Kilpatrick Townsend’s Advertising and Marketing group, was honored to present to the American Conference Institute’s 5th Annual Summit on Digital Advertising...more

FCC Releases Proposal for New Privacy Rules Governing ISPs

In an October 6, 2016, blog post and accompanying fact sheet, FCC Chairman Tom Wheeler outlined his proposal for new privacy rules governing Internet Service Providers (ISPs) to be considered by the full Commission during its...more

How to Avoid Risk When Renting, Selling or Streaming Video Content

The Video Privacy Protection Act (“VPPA”) was passed in 1988 in reaction to a fear that people other than a consumer and a video rental store could collect information on a consumer’s video rental history. This was not an...more

Breaches of Mobile-Banking Apps — What can you do?

American banks maintain many levels of protection against fraud. Institutions accurately and quickly can detect suspicious account activity, credit-card charges and funds transfers. But it seems the sophisticated software...more

Reducing Cyber Vulnerability and Keeping Online Voter Registration Data Safe

The recent bi-partisan approach taken by hackers in attacking both the Democratic National Committee and high ranking members of the Republican party has brought the issue of cybersecurity and the safety of online voter...more

Small-Breach Focus Shows Growing Scope Of HIPAA Probes

Flexing yet more enforcement muscle under the Health Insurance Portability and Accountability Act, on Aug. 18, 2016, the U.S. Department of Health and Human Services Office for Civil Rights announced that it will more widely...more

New York Attorney General Announces Settlement With Trump Hotel Over Two Data Security Incidents

On September 23, 2016, New York Attorney General Eric T. Schneiderman announced a settlement with Trump International Hotels Management LLC, d/b/a Trump Hotel Collection (“THC”), imposing $50,000 in penalties and ongoing...more

Privacy Tip #51 – Check Up on Your Tax Preparer’s Data Security Measures

We have written before about the ability of hackers to file false tax returns to get fraudulent refunds by using the IRS website, and how hundreds of thousands of Americans have become victims of tax fraud. The IRS...more

MedStar Health Cardiology Associates Employee Emails Patient Information to Personal Account and Gets Fired

MedStar Health Cardiology Associates, (“MedStar Cardiology”) affiliated with MedStar Health, which was recently in the news for a ransomware attack, discovered that an employee sent protected health information of 907...more

NAIC's New Cybersecurity Model Law Draft Is Still Flawed

Insurers are a prime target for hackers as a result of the vast stores of valuable data they maintain. Not all information is created equal, and it varies in value. Hacker services and software, illegal drugs, cyberweapons...more

Summer Round-Up: Four States Bolster Data Breach Notification Laws and More Changes on the Way

As has become typical in the data security space, there was quite a bit of activity in state legislatures over the previous year concerning data breach notification statutes. Lawmakers are keenly aware of the high profile...more

Advertising Law - August 2016 #3

ANA, 4As Battle Over Transparency Guidance - Two industry groups are engaging in a public battle over transparency. The dispute began when a joint task force was formed between the American Association of...more

California Considers Rules For Data Security, Geolocation ­

On Wednesday, August 24, the California state senate (the “Senate”) took action on a bill that would expand the definition of protected personal consumer data to include geolocation and biometric information while also...more

Privacy Tip #49 – Use a Passphrase Instead of a Password

I love to train employees on data privacy and security. It tends to be rather entertaining as I can tell crazy stories about real life scenarios about data breaches or compromises. The stores are quite beneficial, as most...more

Cybersecurity News and Notes – August 2016 #3

In Case You Missed It: Sometimes data breaches crop-up in the most unlikely of places. Last week we learned that the vendor that handles fish and hunting licenses for the states of Idaho, Oregon, and Washington was hacked. ...more

Latest Data Breach Settlement Illustrates Need for Companies to Prioritize Cybersecurity

On Aug. 5, 2016, the New York attorney general, Eric Schneiderman, announced a $100,000 settlement with an e-retailer following an investigation of a data breach that resulted in the potential exposure of more than 25,000...more

Online Contacts and Eyewear Retailer Pays $100,000 Penalty to New York AG for Security Failures

Online retailer Provision Supply LLC (Provision Supply) (operator of which sells contacts and eye glasses) settled with the New York attorney general last week for its failure to notify its web customers of...more

HIPAA News: HHS Getting Tough On ePHI Data Breaches

On August 4, 2016, the U.S. Department of Health and Human Services, Office of Civil Rights (OCR) announced a record-setting settlement with Advocate Health Care Network (Advocate) for multiple potential violations of HIPAA...more

Does Your Organization Collect Geo-Location Information?

Smartphones, smartphone apps, websites, and other connected devices (e.g., “wearables”) increasingly request that consumers provide their geo-location information. Geo-location information can refer to general information...more

Employment Agreements: Current Issues

Employment agreements are not unusual, particularly for managers and executives. As new laws come into existence and as the work environment is changed by data and data security, drafting adequate, enforceable agreements can...more

Best Practices For Implementing Internal Security Controls

Many security risks can be avoided or mitigated by implementing sufficient internal security controls which are tailored to the organization’s size, needs, and specific industry. The Federal Trade Commission (“FTC”) sets...more

Nebraska and Illinois Update Breach Notice Requirements

The data breach notification laws for Nebraska and Illinois have been updated to expand the definition of “personal information” to include usernames and email addresses in combination with a password or security question...more

Colorado Student Data Privacy Bill – What EdTech software providers need to know

Colorado is the latest state to revisit, and expand upon, its laws pertaining to the use and protection of student data. Colorado Governor John Hickenlooper recently signed into law House Bill 16-1423 (the “Bill”) designed to...more

IRS Issues New Requirements for IVES Participants

On June 23rd, the IRS dropped a bombshell on the lending industry. As of Midnight on July 1, 2016, many lenders will no longer be able to verify directly borrower income except through snail mail. If the IRS sticks to its...more

270 Results
View per page
Page: of 11
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.