On Wednesday, the House Homeland Security Committee passed a substitute bill for H.R. 3696, the National Cybersecurity and Critical Infrastructure Protection Act of 2013. The committee substitute bill was broadly supported by both parties. As it presently stands, H.R. 3696 delegates to the Department of Homeland Security the responsibility for civilian cybersecurity research and development, incident detection… Continue Reading
Tag Archives: Personal Information
Data Brokers Under Scrutiny
Posted in Legislation, Privacy RegulationThe Senate Commerce Committee released this morning its majority staff report, A Review of the Data Broker Industry: Collection, Use, and Sale of Consumer Data for Marketing Purposes, on the practices data brokers use to collect and sell personal information of consumers and how those practices affect the privacy of hundreds of millions of Americans. … Continue Reading
TJX Data Breach May Take Back Seat to Sony PlayStation Network Breach
Posted in UncategorizedWritten by Julia Siripurapu Sony Corp. has acknowledged on its PlayStation website that between April 17 and April 19, its PlayStation and Qriocity networks were the subject of a hacking attack. As a result of this attack, the personal information, including name, address, email address, birth date, passwords, security question answers, and credit card data, of… Continue Reading
It’s Tax Time — Use Caution with those W-2 Forms
Posted in Data Breach, Data Breach Notification, Data Compliance & SecurityWe’ve had several questions lately regarding “mixups” with mailings of W-2 forms, and whether certain situations are really “data breaches.” Some Attorneys General are taking the position that the employer is responsible for providing notice to affected individuals (employees and former employees) and providing the required AG notice letters in the event that tax forms containing personal information… Continue Reading
WellPoint Sued by Indiana AG for $300K – UPDATE
Posted in Data Breach, Data Breach Notification, HIPAA/HITECH(This post is updated to include links to the Indiana Attorney General’s press release and a copy of the complaint) Back on July 1, we blogged in this space about a very large data breach experienced by health insurer WellPoint. According to WellPoint, over 470,000 individual insurance customers may have been affected by a breach that… Continue Reading
The Google Payload Data Fallout Continues
Posted in Data BreachWritten by Jillian Collins Connecticut Attorney General Richard Blumenthal says he will lead a multistate investigation into Google Street View cars’ unauthorized collection of personal data from WiFi networks. The Connecticut AG said he expects a significant number of states to participate. More than 30 states participated in a recent conference call regarding the Connecticut… Continue Reading
Countdown to compliance with 201 CMR 17.00…..11 days
Posted in Data Compliance & SecurityAs we approach the 10 day mark to the March 1 effective date of the Massachusetts data security regulations, 201 CMR 17.00, we thought that we would share another misapprehension in the ever-growing list. “I ordered one of those $99 “Compliance Kits” from the Internet, and they say that they will “certify” that I am… Continue Reading
Happy 2010 – Data Breach du Jour
Posted in Data BreachWe are just barely into the new year, and there is already a rather large data breach to report. Officials at Eastern Washington University (EWU) are notifying up to 130,000 current and former students that their personal information may have been exposed in a security breach, reports the Seattle Times. The data involved includes names,… Continue Reading
Holiday Privacy Watch: Take care before you donate that cell phone
Posted in Data Breach, Data Compliance & SecurityDuring the holiday season, many organizations are soliciting donations of old cell phones to be repurposed. This is an excellent way to “reuse, reduce, and recycle” and puts those useless (to you) items to use in a positive way, but please remember — important and private data reside in your cell phone’s internal memory, even… Continue Reading
Remember the school-days admonition that something might end up on your “permanent record”?
Posted in Data Compliance & SecurityA Fordham Law School study found that state educational databases across the country have severely inadequate privacy protections for the nation’s school children. The study, prepared by the Center on Law and Information Policy, reports that at least 32% of states warehouse children’s social security numbers; at least 22% of states record student pregnancies; and… Continue Reading
Data Breach du Jour ….
Posted in Data BreachThe Associated Press reports that American Express has notified some card-holders that their information may have been compromised. According to an American Express spokesperson, the breach resulted from an employee’s recent theft of data. In this tough economy, outside threats to personal information held by companies is not the end of the story. The possibility… Continue Reading
Not “Clear” What Happens to Passenger Data…..
Posted in Secure TravelingBad news if you were a frequent flyer who ponied up the $199 annual fee to participate in Verified Identity Pass, Inc.’s registered traveler program, branded as “Clear.” Last night, the company announced that it was “unable to negotiate an agreement with its senior creditor” and shut down. Membership fees will not be refunded. The… Continue Reading