Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Monthly Archives: July 2010

Online Behavioral Advertising: The European Union Controversy

Posted in Online Advertising

On June 24, 2010, the European Union’s body that addresses data protection issues, the so-called Article 29 Working Party, adopted Opinion 2/2010 (the “Opinion”) providing further clarification on the amended e-Privacy Directive (below) as applied to online behavioral advertising. The Working Party also issued a press release on this topic.

Improper Disposal Costs Rite Aid $1 Million

Posted in Data Breach

Written by Dianne Bourque Rite Aid has agreed to pay $1 million to settle allegations that it violated HIPAA by disposing of labeled pill bottles in unsecured dumpsters accessible to the public. The $1 million fine settles a joint Office of Civil Rights (OCR)/Federal Trade Commission (FTC) investigation prompted by televised media reports of pharmacies… Continue Reading

Analysis of Proposed HHS Regulations Implementing HITECH Act

Posted in Legislation

As promised last week in an earlier post, here is our first Mintz Levin client advisory analyzing the 234 pages of regulations issued on Thursday by the Department of Health and Human Services. Thanks to colleagues Alden Bianchi, Dianne Bourque and Stephen Bentfield. The regulations are slated to be published in the Federal Register tomorrow,… Continue Reading

Australian Privacy Commissioner Concludes Google Breached Privacy Act

Posted in Data Breach

Written by Jillian Collins Australian Privacy Commissioner Karen Curtis has concluded her investigation into Google’s collection of unsecured WiFi payload data in Australia using Street View vehicles and finds that such collection violated Australian law. “On the information available I am satisfied that any collection of personal information would have breached the Australian Privacy Act,”… Continue Reading

No Harm, No Foul; Ninth Circuit Affirms Dismissal of Data Breach Case Against The Gap

Posted in Data Breach

Written by Kevin McGinty It’s a distressingly common scenario. A corporate laptop containing job applicant data, including social security numbers, is stolen from an employee who has taken the laptop off of corporate premises. Access to the social security numbers makes it possible for wrongdoers to engage in identity theft. Is an applicant’s fear that… Continue Reading

REMINDER – HITECH/201 CMR 17.00 Compliance Workshop

Posted in Legislation

Just a reminder of the FREE upcoming data security compliance workshop – Space is limited, so register today at http://tinyurl.com/35pk3yr! On July 13, Mintz Levin will be joined by Sophos, Six Weight Consulting, and MFA Cornerstone Consulting to hold a free compliance workshop focused on both the gaps and overlap of Massachusetts’ data protection regulation… Continue Reading

First Ever State-initiated HIPAA Enforcement Action Settled

Posted in Legislation

Written by Dianne Bourque Connecticut Attorney General Richard Blumenthal has settled the first state-initiated HIPAA enforcement action. The settlement totals $250,000 in statutory damages and Health Net’s agreement to implement a variety of measures to improve the security of consumer health and personal information. Health Net also agreed to provide two years of credit monitoring… Continue Reading

HHS (Finally!) Issues Proposed HIPAA Privacy & Security Rule Changes

Posted in Legislation

The long-awaited proposed changes to the HIPAA Privacy Rules have finally been released by the Department of Health and Human Services (HHS). A joint statement issued today by the HHS and the Office of Civil Rights (OCR) says that the proposed regulations “would expand individuals’ rights to access their information and restrict certain disclosures of… Continue Reading

Data Breaches du Jour

Posted in Data Breach

Information regarding the latest reports of data breaches — common thread: it is taking a startingly long time for entities to (a) discover that they have been breached, and (b) to then take action to notify affected customers of potential compromises to personal information. Update on Major Data Breach at California Health Insurer Updating a… Continue Reading