Personally Identifiable Information Privacy Policy

News & Analysis as of

New Delaware Act Requires Online Privacy Policy for Websites

A new privacy law requires companies to make specific statements about what information is collected on its website. Like California, it also requires that companies state in writing whether they respect “Do Not Track”...more

SEC Steps Up Cybersecurity Enforcement

September has been a busy month for the SEC in addressing cybersecurity. In the span of a week, the SEC issued a new alert in connection with its cybersecurity examination of Wall Street firms, entered a Cease and Desist...more

The Legacy of the RadioShack Bankruptcy and the Importance of PII

Customer information has become an increasingly valuable business asset. And, the volume and detail of other available information about consumers has increased along with it, well beyond mere customer names and addresses to...more

What is reasonable? The emerging legalities of cybersecurity post-Wyndham

This month’s edition of the Advanced Cyber Security Center’s newletter includes my discussion of lessons to be learned from the Wyndham decision: Historically, security was an issue reserved in a back room for the IT...more

SEC Announces First Cybersecurity Enforcement Action Against an Investment Adviser for Failure to Protect Client Data

On September 22, 2015, the Securities and Exchange Commission (SEC) announced its first cybersecurity-related enforcement action against an investment adviser for failure to protect customer records and information. According...more

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

Delaware Enacts Package of Internet Data Laws

Joining the collection of states with online privacy laws, Delaware has enacted a package of statutes governing the collection, storage and use of the personal information of Delaware residents by websites, Internet and cloud...more

Weekly Privacy Tip#2 – Protecting your (and your employees’ and customers’) Social Security numbers

Social Security numbers are one of the highest risk data elements known to mankind. A Social Security number in combination with a name and date of birth (which are publicly accessible) in the hands of a bad person can...more

Don’t Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called “Phase 2 Audits” are set to commence...more

Advertising Law - September 2015

Third Circuit Affirms FTC's Power to Regulate Data Security Practices - Affirming the power of the Federal Trade Commission to regulate corporate cybersecurity, the Third Circuit Court of Appeals held that the agency may...more

UCLA cleared in lawsuit alleging breach as to sexually transmitted disease information

UCLA was absolved by a California judge last week in a suit filed by a patient of a UCLA affiliated doctor’s group, who alleged that a temporary worker in the doctor’s office used the doctor’s username and password to get...more

Time for a HIPAA Security Check-Up!

The 2015 HIPAA Security conference held by the National Institute of Standards and Technology (“NIST”) and the U.S. Department of Health and Human Services, Office for Civil Rights (“OCR”) kicked off last week with OCR’s...more

$750,000 Settlement Agreement Reiterates Importance of HIPAA Security Rule Compliance

On September 2, 2015, the U.S. Department of Health and Human Services ("HHS") announced that it had entered into a Settlement Agreement with an Indiana-based medical practice for alleged violations of the Health Insurance...more

Delaware Enacts First Privacy Law with Focus on Children

The Delaware Online Privacy and Protection Act takes a broad approach to the collection and disclosure of personally identifiable information. Delaware Governor Jack Markell recently signed the Delaware Online Privacy...more

Revisiting Privacy Policies and Practices in Light of Delaware Law

The Delaware Online Privacy and Protection Act (the "Act") addresses privacy policy, marketing or advertising to Delaware residents under age 18 and digital book service information disclosure requirements. The Act goes into...more

Rocky Road Ahead for Ashley Madison after Widespread Damage Arising from Disclosure of Personal Information

Ashley Madison, the self-described “world's leading married dating service for discreet encounters” is the latest high-profile social media website to sustain a cyberattack. Established to provide an opportunity for married...more

Delaware Changes Online, Student Privacy Protection Laws

Four pieces of legislation intended to improve online privacy and protections for Delaware residents were signed into law by Governor Jack Markell on August 7, 2015. Collectively, this legislation will impact a broad range of...more

New Potential Liability for Data Security: U.S. Court of Appeals for the Third Circuit Announces FTC has Authority to Scrutinize a...

The U.S. Court of Appeals for the Third Circuit announced that the Federal Trade Commission (FTC) has the authority to scrutinize a business’s data security protocol -- and to file a complaint if the FTC finds that protocol...more

Federal Trade Commission Continues Its Enforcement Campaign Against False Safe Harbor Claims

Reiterating its commitment to enforcing the U.S.-EU and U.S.-Swiss Safe Harbor Frameworks, the Federal Trade Commission announced on Monday that it has reached settlements with 13 companies alleged to have misled consumers...more

Internet Savvy Senior Lacks Standing to Bring Website Privacy Putative Class Claims Against AARP

The United States District Court for the District of Columbia recently dismissed a putative class action alleging that AARP violated its website privacy policy by allowing Facebook and Adobe to collect personal information...more

Cybersecurity for Startups Now a Cost of Entry for Consideration by Larger Clients: What is Your Company's Plan?

For technology startups, maintaining strong security controls remains vital to winning new business opportunities and strengthening existing relationships. Despite the global spike in cybersecurity attacks (there were 42.8...more

State Law Roundup: Legislatures Across the U.S. Revamp Data Breach Notification Laws

As the number of highly publicized data breaches continues to skyrocket and proposals for a federal data breach notification law stagnate, state legislatures around the country have been busy amending their own breach...more

Cybersecurity is once again a hot topic as Illinois undergoes PIPA update

Cybersecurity is a hot topic at both the state and federal level. Specifically, Illinois is in the process of amending its Personal Information Protection Act (“PIPA”). Illinois SB 1833 will amend PIPA by establishing more...more

Class Is in Session: The FTC Launches New Data Security Initiative

Why it matters - The Federal Trade Commission (FTC) kicked off a new educational initiative to provide guidance to businesses in the area of data security. Based on the lessons learned from more than 50 of the agency's...more

4th Time is Not a Charm: Android Users Plead Themselves Out of Court

Finding that the Plaintiffs lacked Article III standing to pursue their case, Google, Inc. (“Google”) won dismissal of the Android users’ putative class action lawsuit after more than three years of litigation. In re Google...more

118 Results
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.