On this last day of April, there are a couple of breaches and another clarion warning about copy machines – We have blogged on this issue here and here — and again, there is another warning about the treasure trove of information residing on the hard drive of your copy machine. A CBS Evening News… Continue Reading
Monthly Archives: April 2010
Connecticut Woman Files First Suit Under Federal Law Prohibiting Genetic Discrimination
Posted in Employee PrivacyWritten by Jennifer Rubin A Connecticut woman has filed a charge of discrimination under the Federal Genetic Information Nondiscrimination Act (“GINA”), which prohibits discrimination against employees based upon their status as carriers of genetic information. The woman claims her status as a carrier of the BRCA2 gene, a gene sometimes associated with the elevated risk… Continue Reading
Proposed HITECH Regulations Out in May?
Posted in LegislationBuried in a part of today’s Federal Register was the publication of the Department of Health and Human Services’ regulatory agenda. The agenda presents a forecast of expected HHS rulemaking activities and suggests that in May of this year HHS will issue the long-awaited proposed rules to modify the HIPAA Privacy, Security, and Enforcement Rules… Continue Reading
Brokerage firm victim of elaborate extortion scheme – but also gets hit with a fine
Posted in Data Compliance & SecurityBrokerage firm DA Davidson has agreed to pay a fine of $375,000 for failing to protect confidential client data from Latvian hackers who breached the company in 2007 in an online extortion scheme and the three have pleaded guilty in Montana. The hackers used a SQL injection attack to obtain access to the company’s database… Continue Reading
Federal Regulators Release Model Consumer Privacy Notice Online Form Builder
Posted in LegislationLast year, the eight federal regulators that regulate the financial services industry issued a “simplified” model privacy notice that was published in the Federal Register on December 1, 2009. Today, the regulators released an “Online Form Builder” to guide a covered institution to select the version of the model form that fits its practices, such… Continue Reading
Privacy and Security Bits and Bytes
Posted in Data BreachOur Friday afternoon feature — Virginia Adds Medical Information Breach Law – The Commonwealth of Virginia has amended its data breach notification law to include breaches of medical information. For the text of the amendment, link here. Even if the data is encrypted, the law requires notice if the breach involved a person with access… Continue Reading
Mississippi Becomes 46th State to Enact Data Breach Notification Law
Posted in Data BreachIt appears that Governor Haley Barbour has signed legislation sent to his desk by the Legislature on April 1, making Mississippi the 46th state to enact a data breach notification law. Similar to most of the other laws, the Mississippi law applies to any person who owns, licenses or maintains computerized personal information of any… Continue Reading
More on last week’s NJ Supreme Court decision -
Posted in Employee PrivacyThe decision we blogged about in this space last week is creating quite a bit of buzz in both privacy and employment law circles. My employment law colleagues in our New York office have authored an analysis of the decision here: Employment Alert: New Jersey Supreme Court Finds Privacy Rights in Employee E-Mails And, the… Continue Reading