Happy Holidays from all of us at Privacy and Security MATTERS! Click here for our Season’s Greeting e-card.
Monthly Archives: December 2010
Data Breach at NYC “Hop-on, Hop-off” Tour Company — 110,000 credit card numbers stolen
Posted in 201 CMR 17.00, Data Breach, Data Breach Notification, Data Compliance & SecuritySince March 1, 2010, privacy professionals have been waiting for a data breach that could bring an enforcement action under 201 CMR 17.00, the Massachusetts privacy regulations. I just spoke with Paul Roberts, editor of threatpost.com, a blog that posted an entry yesterday regarding a breach that could do just that. Twin America LLC, the parent company of… Continue Reading
Commerce Department Seeking Public Input on Proposed Privacy Framework
Posted in UncategorizedYesterday, the Department of Commerce published a notice in the Federal Register, seeking feedback on proposals in its recently-unveiled privacy report. Among other questions, the Commerce Department is seeking comment on such issues as : • Should baseline commercial data privacy principles be enacted by statute or some other means? • How should baseline… Continue Reading
Executive Summary: Commerce Department Issues Privacy “Green Paper”
Posted in Data Breach NotificationWritten by Anagha Prasad Introduction In an effort to reexamine and improve upon commercial data privacy, the Internet Policy Task Force (IPTF) released a green paper entitled “Commercial Data Privacy and Innovation in the Internet Economy: A Dynamic Policy Framework.” Based on consultations, written submissions, and extensive research, the document makes various policy recommendations regarding… Continue Reading
Planning for the Release of Final HIPAA Rules and HIPAA Auditing
Posted in UncategorizedWritten by Dianne Bourque On December 14, the Office of Civil Rights (“OCR”) indicated at a public meeting that it is considering the simultaneous publication in 2011 of four final HIPAA rules: The breach notification rule The HIPAA Enforcement Rule The HITECH implementation rules The HIPAA changes mandated by GINA These rules are all scheduled… Continue Reading
Questions Asked by the FTC in the Privacy Report – Part II
Posted in UncategorizedIn last week’s Privacy Report , the Federal Trade Commission posed a series of questions, soliciting comment and discussion from stakeholders to better inform its final report on the subject, due to be issued mid-2011. We reviewed some of the questions in our December 2 post. Here are some of the other questions — parties with… Continue Reading
It’s almost 2011. Do you know where your Red Flags Rule compliance program is?
Posted in Data Compliance & Security, Identity Theft(UPDATED) Late Tuesday, the House of Representatives passed the Red Flag Program Clarification Act of 2010 on a voice vote, clearing the way for President Obama’s signature. The Clarification Act exempts doctors, lawyers, accountants and certain other professionals from compliance with the Red Flags Rule. As you may recall, we discussed lawsuits filed by the American… Continue Reading
Questions Asked by the FTC in the Privacy Report – Part I
Posted in UncategorizedYesterday’s blockbuster Privacy Report released by the Federal Trade Commission (blog post here) is as important for the questions it asked of stakeholders in eliciting public comment as for the recommendations it appears to be making. Since at least a portion of what will end up in the FTC’s final report will depend on the… Continue Reading
FTC Participating in Twitter Chat on Privacy Report
Posted in UncategorizedIf you have questions for the FTC on its Consumer Privacy Report released today, the Commission is participating in its first ever Twitter chat — #FTCgov hashtag
FTC Press Conference – Live Blogging
Posted in UncategorizedFTC Chairman Jon Leibowitz, Jessica Rich, deputy director of the FTC’s Bureau of Consumer Protection, and Edward Felten, the FTC’s incoming chief technologist, held a press conference earlier this afternoon on the Consumer Privacy Report. Alex Howard at Gov20 was blogging the press conference live — read it here.
FTC to Industry on Consumer Privacy: You “Must Do Better” – UPDATE
Posted in Data Compliance & Security, Legislation, Online AdvertisingFTC Report Supports “Do-Not-Track” and sets out comprehensive framework for consumer privacy
Whistleblowing “protected” under Sarbanes-Oxley, as long as it’s not to the media ….
Posted in Data Compliance & Security, Online AdvertisingOur colleagues over at the Mintz Employment Matters blog have posted an interesting piece on the latest Sarbanes-Oxley whistleblower case — Employment Matters Blog