At the beginning of the “countdown” to the March 1st effective date of 201 CMR 17.00, we offered some posts with “misapprehensions” and compliance suggestions (see 16 Days to March 1….. and Countdown to compliance with 201 CMR 17.00…..11 days). Here are some questions that have been reoccurring over the last few weeks: 1) What… Continue Reading
Monthly Archives: February 2010
And, it’s Friday, February 26th……
Posted in Data Compliance & SecurityAnd that means today is the last business day before the new Massachusetts data security regulations go live– as Jim Cramer would say, “That’s 201 CMR 17.00 for all you home gamers.”
“Stunning”/ “Shear Madness” – Reaction to Google Convictions
Posted in Data BreachThe reactions are coming in fast and furious to yesterday’s conviction of three Google executives in an Italian court. Linked here are just a few of the more than 1,000 media stories on the decision so far. Google privacy convictions in Italy spark outrageLarger Threat Is Seen in Google Case – NYTimes.comConviction of Google Execs… Continue Reading
BREAKING NEWS: Google Executives Convicted on Privacy Charges in Italy
Posted in Data BreachIn the first case of its kind, an Italian judge today convicted three Google executives on privacy violations in Milan court. Global Privacy Counsel Peter Fleischer, Chief Legal Officer David Drummond, and another executive were found guilty of failing to comply with Italian privacy code in allowing a disparaging video to be posted online. A… Continue Reading
Today’s compliance deadline – Enforcement of the HITECH/HIPAA data breach notification rule
Posted in Data BreachFebruary and March are just full of significant deadlines for privacy/security reporting and compliance. Today is the day that the Health & Human Services Office of Civil Rights begins to enforce the HITECH/HIPAA data breach notification rule. To “celebrate” the occasion, the agency publicly posted the first list of reported breaches affecting 500 or more… Continue Reading
HITECH Act Compliance Date Arrived — Without the Promised Regulatory Guidance
Posted in LegislationWe have been so focused on the upcoming Massachusetts data security deadline, that we let one last week go without fanfare. As we have gently reminded you on several occasions, the new HIPAA privacy and security rules contained in the Health Information Technology for Clinical and Economic Health Act (HITECH) became effective on February 17th…. Continue Reading
T Minus 10,080 Minutes and Counting…..
Posted in Employee PrivacyWe have just one week to go before all entities that own, store, license — or basically do anything with — personal information of Massachusetts residents must comply with the Commonwealth’s new data security regulations. Things to consider: Have you done your risk assessment? Looked at what you collect and how you collect and how… Continue Reading
Countdown to compliance with 201 CMR 17.00…..11 days
Posted in Data Compliance & SecurityAs we approach the 10 day mark to the March 1 effective date of the Massachusetts data security regulations, 201 CMR 17.00, we thought that we would share another misapprehension in the ever-growing list. “I ordered one of those $99 “Compliance Kits” from the Internet, and they say that they will “certify” that I am… Continue Reading
16 Days to March 1…..
Posted in Data Compliance & SecurityJust in case you missed it, March 1 is the deadline for compliance with 201 CMR 17.00, the new Massachusetts data security regulations, and we published a client alert last week as a “reminder”… Privacy and Security Alert. In addition to the top five “misapprehensions” about the applicability of the new regulations that we included… Continue Reading
New Facebook privacy lawsuits
Posted in Data BreachFacebook has been hit with two new potential class-action lawsuits stemming from recent revisions to its privacy settings. The cases, filed recently in federal district court in San Jose, Calif. on behalf of nine Facebook users, allege that the new settings are “confusing and materially deceptive” and lessened their privacy. “Facebook has violated the privacy… Continue Reading
Roundtable data privacy and security discussions on YouTube
Posted in Data Compliance & SecuritySee a series of Data & IT Security Roundtable discussions with thought leaders: www.youtube.com/user/JaxsonGroup
Tracking the cookie crumbs
Posted in Data Compliance & SecurityDisabling cookies may not be the answer to controlling your online identity. Regardless of whether you have cookies enabled or not, Web sites collect certain amounts of operational information about your browser. The Electronic Frontier Foundation has detailed how companies can use browser-configuration information to identify users, and also launched a new project, Panopticlick, aimed… Continue Reading
27 days and counting…
Posted in Data Compliance & SecurityMarch 1st is the deadline for compliance with the Massachusetts data security regulations, 201 CMR 17.00. We have blogged incessantly for months about the need to get compliance programs into gear and develop information security plans as required by the regulations. The time is here. If you are one of the procrastinators (and, you are… Continue Reading