Header graphic for print
Privacy & Security Matters Mintz Levin : Data Compliance & Security, Employee Privacy Lawyer & Attorney

Uncategorized

Subscribe to Uncategorized RSS Feed

Breaking News — Wall Street Journal: Facebook Close to Settlement with the Federal Trade Commission

Posted in Privacy Regulation, Uncategorized

Update:  Post from Daily Online Examiner blog. If you’re a power Facebook user, you are likely tired of the constant changes to privacy settings.  At last count, the most recent change was the 13th.    This report may make your day.  The Wall Street Journal reports this afternoon  (registration required) that Facebook is finalizing a proposed settlement… Continue Reading

Senators Kerry & McCain to FTC and Commerce: Get Moving on Final Reports

Posted in Uncategorized

Senators John Kerry and John McCain today requested that the Department of Commerce and the Federal Trade Commission issue their final reports on consumer privacy protections. Both agencies released draft reports identifying large holes in current privacy protections in December 2010, but have not yet issued final reports. Senators Kerry and McCain introduced legislation aimed… Continue Reading

Privacy and Security Bits and Bytes

Posted in Uncategorized

After yet another week without power due to a history-making “Snowtober” storm, the Northeast is starting to recover, along with the editor of this blog. Here are some bits and bytes for a Friday afternoon: For those of you now able to log on and read this, here is a recent Mintz article centering on… Continue Reading

Privacy & Security Bits and Bytes

Posted in Uncategorized

Here are some things to ponder during the Columbus Day weekend: My colleague, Dianne Bourque, has written an interesting piece about the new Texas health information law — combine this with the expanded breach notification laws that could impose Texas-style breach notification requirements on all 50 states, and we perhaps have a glimpse into Governor… Continue Reading

New Privacy Task Force Established by Connecticut AG’s Office

Posted in Uncategorized

Connecticut Attorney General George Jepsen has announced the creation of a Privacy Task Force to help educate the public about data protection requirements and to focus his Office’s response to Internet privacy concerns and data breaches that affect consumers. According to Attorney General Jepsen’s press release, “Internet and data privacy have been among the biggest issues… Continue Reading

Changes in Airline Security

Posted in Uncategorized

While this may not be directly related to the “information management” focus of our blog, it is of immense importance to those who travel with children under the age of 12 — the Transportation Security Authority (TSA) has changed the rules for kids who travel by air:  keep your shoes on!  Homeland Security Secretary Janet… Continue Reading

FTC Targets Mobile Application Developer for Violations of COPPA

Posted in Uncategorized

Written by Stu Eaton In the FTC’s first enforcement action involving mobile applications, W3 Innovations, LLC agreed to pay $50,000 to settle charges that it violated the Children’s Online Privacy Protection Act (COPPA) and the FTC’s COPPA Rule by collecting and disclosing the personal information from thousands of children under the age of 13 without… Continue Reading

Federal Data Security Legislation Update: House Subcommittee Approves SAFE Data Act

Posted in Uncategorized

Written by Julie Babayan The House Energy and Commerce Subcommittee on Commerce, Manufacturing and Trade has approved a data security bill by a voice vote, moving it to the full Energy and Commerce Committee for consideration.  The Secure and Fortify Electronic Data (“SAFE Data”) Act would establish national rules for securing data containing personal information,… Continue Reading

Massive Heist of Classified Documents – Pentagon Reports of Cyberwar

Posted in Uncategorized

“In a single intrusion this March, 24,000 files were taken.”    Chilling words yesterday from Deputy Defense Secretary William J. Lynn in a speech revealing the nation’s strategy for cyberspace. Last night, CBS News Pentagon Correspondent David Martin got an unprecedented look inside the command center at the Pentagon and filed a report worth watching:   CBS  News Report… Continue Reading

New Texas Electronic Health Record Law Exceeds HIPAA Requirements

Posted in Uncategorized

Written by Dianne Bourque Texas covered entities (health care providers, health insurers and clearinghouses) and other entities that use and disclose PHI of Texas residents using electronic health records (EHRs) face new risks and stringent requirements under HB300, a new Texas privacy law.  The new law, which is effective September 1, 2012, is more stringent… Continue Reading

The HIPAA Auditors Are Coming! The HIPAA Auditors Are Coming!

Posted in Uncategorized

It is time for covered entities and business associates to jump start HIPAA privacy and security programs and make sure that everything is in compliance.   GovInfoSecurity reports that the Department of Health and Human Services (HHS) has awarded a $9.2 million contract to KPMG to develop protocols for conducting the long-awaited HITECH Act-mandated HIPAA compliance audit… Continue Reading

Mixed Decision on Motion to Dismiss Google Street View Class Action Augurs Continuing Difficulty in Maintaining Privacy Class Actions

Posted in Uncategorized

UPDATE — Google has filed an appeal to the 9th Circuit to review this lower court decision “before forcing to proceed with protracted litigation”  on the federal wiretapping case.    Good article by David Kravets of Wired here Written by Kevin McGinty Regular readers of this blog will be familiar with my view that difficulty in proving… Continue Reading

University of California Pays Close to $1M to Settle Celebrity Health Record Snooping Complaint

Posted in Uncategorized

Written by Dianne Bourque and Cynthia Larose The University of California has paid $865,500 to the Office of Civil Rights (OCR) and agreed to a Corrective Action Plan to settle allegations that UCLA Health System (UCLAHS) employees repeatedly snooped in the electronic health records of celebrity patients.  The OCR’s investigation was prompted by two separate… Continue Reading

FTC Announces $1.8 Million Settlement for Violation of Fair Credit Reporting Act

Posted in Uncategorized

Written by Stu Eaton In a settlement announced by the Federal Trade Commission (“FTC”) on June 27, 2011, Teletrack, Inc. agreed to pay $1.8 million to settle FTC charges that it violated the Fair Credit Reporting Act (“FCRA”) by selling consumer reports to marketers without a “permissible purpose.”  Teletrack sells credit reports and other services… Continue Reading

Two events coming up in San Diego/Irvine

Posted in Uncategorized

We have partnered with WinMagic and Lenovo to present two privacy compliance workshops.   On June 28th, the workshop will be presented at Donovan La Jolla (register here) from 5 to 8 pm (including dinner) and on June 29th, we’ll be presenting the same workshop at Il Fornaio in Irvine (register here) from 5 to 8 pm… Continue Reading

“Reasonable” security does not necessarily equal “best” security – even if ACH fraud involved

Posted in Uncategorized

Written by Stu Eaton Bank Info Security reports that a magistrate for the U.S. District Court  in Maine  issued an Order that further defines what constitutes “reasonable” security practices.  The Order, which must be approved by the judge, recommends dismissal of a complaint filed by PATCO Construction Company against Ocean Bank regarding more than $500,000… Continue Reading

Commerce Department: Call for national, voluntary codes of cybersecurity conduct

Posted in Uncategorized

Privacy and security has become a major focus of the Department of Commerce.  The Department’s Internet Policy Task Force has issued its second green paper, this one proposing the creation of nationally recognized voluntary codes of conduct to help strengthen cybersecurity.  Comments will be accepted on “Cybersecurity, Innovation and the Internet Economy” through August 1, 2011…. Continue Reading

Court Approves Settlement of Flash Cookie Class Action

Posted in Uncategorized

Written by Kevin McGinty On Monday, a federal judge in Los Angeles issued an order granting final approval to a previously-announced settlement of consolidated class actions alleging that the use of so-called “flash cookies” in connection with advertising on web sites resulted in unauthorized tracking of web users’ browsing activity.  In addition, plaintiffs alleged that… Continue Reading

Legislative Interest in Federal Data Security Legislation Continues

Posted in Uncategorized

Senate Judiciary Committee Chairman Patrick Leahy (D-VT) Introduces Data Security Bill Written by Julie Babayan Senate Judiciary Committee Chairman Patrick Leahy (D-VT) has introduced a data security bill that would require certain business entities that store personal data to implement data privacy and security programs, modeled after those established for financial institutions to protect customer… Continue Reading

RSA Offers to Replace SecurID Tokens – For Everyone

Posted in Uncategorized

UPDATE — link to interesting article from Channel Insider.   Back in March, we reported on a massive and sophisticated attack on RSA Security’s well-known SecurID tokens, used by millions of corporate workers to access sensitive corporate networks.  Yesterday, the security unit of EMC Corp. posted a letter to customers on its website, acknowledging for… Continue Reading

Reminder: Privacy Wednesday Webinar TOMORROW

Posted in Uncategorized

Our next webinar in the “Privacy Wednesday” series will be TOMORROW  — “Privacy & Security Under HIPAA/HITECH in an Era of Heightened Enforcement” Registration is here –  don’t miss it!  

Privacy and Security Bits and Bytes

Posted in Uncategorized

A Friday roundup – – From The Los Angeles Times — Social Security numbers and other payroll information of about 4,000 Securities and Exchange Commission employees were included in an unencrypted e-mail sent out by a contractor at the SEC’s National Business Center.  First, SEC employees were nabbed downloading porn, and now this…. A bank courier… Continue Reading