Showing 24 posts in Privacy.
On June 28, California governor Jerry Brown signed into law the California Consumer Privacy Act of 2018. The Act will significantly impact companies (including many based outside of California) and United States legislation in the coming months, although it is unclear whether the new law will serve as an example for other states or an outlier. Importantly, the Act contains a number of "GDPR-like" features, making it the most restrictive data privacy law that the United States has ever seen. Read More ›
It's not hyperbole to say that the General Data Protection Regulation's May 25th enforcement date marks one of the largest shifts in the history of privacy laws. Read More ›
This is the first article in a series on Third Party and Vendor Management. The next article in this series discusses provisions for vendor contracts. Read More ›
Recently, international travelers have noticed US Customs and Border Protection agents with increased interest in searching cell phones, laptops, and other portable technology. Employers should be aware that this trend increases the risk that an unauthorized individual will access sensitive company information, which could result in an inadvertent data breach.
Some international travelers have been asked by border agents to unlock cell phones or provide a password needed to unlock the device. One report included a customs agent threatening to seize a travelers' phone if he did not unlock his cellphone. Employers are rightfully concerned that these searches may allow unauthorized individuals to access sensitive company information. Read More ›
In 2016 Lansing, MI's Board of Water and Light fell victim to a cyber-attack that resulted in $2.4 million in costs, including a $25,000 ransom paid to the perpetrators. In the aftermath of the breach, BWL announced that it was filing for a $1.9 million insurance claim under its cyber insurance policy, including $2 million in covered losses, less a $10,000 deductible.
There is a lot at stake for businesses when it comes to cyber-crime, which is why more and more businesses are investigating and purchasing cyber insurance to hedge against the risks associated with cyber security and data privacy. Read More ›
No matter how carefully, thoughtfully and diligently a company works to prevent it, data breaches happen. Company management, IT teams and outside consultants can do everything right and still end up dealing with a breach. That means that knowing how to best respond when (not if) a breach happens should be part of every company’s data protection strategy.
We recommend that every company assemble a security breach team, consisting of individuals inside and outside of the organization who possess different skill sets. This may include technology officers, as well as staff from IT, human resources, communications, legal departments, outside counsel, and outside vendors. The composition of the team will depend on the type and size of the organization, but each member should be in a position and have skills that enable the organization to quickly and properly respond to an incident. The team must also be equipped, authorized and empowered to evaluate and immediately react to an incident once it has occurred. Read More ›
According to the Department of Justice (the “DOJ”), an estimated 17.6 million Americans aged 16 or older were victims of at least one attempt or incident of identity theft in 2014. Identity theft takes many forms - from stealing someone’s identity to obtain government benefits to creating new financial accounts in another person’s name. The most frequent type of identity theft - 80 percent of all cases according to the DOJ - involves someone trying to take over an existing bank or credit card account. Tax-related fraud is also on the rise.
We are all at risk of identity theft. It seems like a week never goes by without a news report about a data breach at a major retailer or bank. Unfortunately, most people who are victims of identity theft - or suspect they might be - are not aware of the steps they should take to mitigate the harm from the theft.
This article identifies the steps that a person whose social security number is compromised should immediately take upon learning of a problem, as well as actions to take to protect against the risk of identity theft in the future. Read More ›
Thanks to the new Oliver Stone movie now in theaters, Edward Snowden has been back in the news lately. Disillusioned and alarmed by the virtual mountain of data that was being assembled by the federal government to track all forms of digital communication, Snowden became a hero to some, and traitor to others, after he leaked information about the government’s secret tracking systems to the press. Read More ›
Filming for TV Show Results in HIPAA Violation and $2.2 Million Settlement Paid by New York Presbyterian Hospital
It’s not uncommon for “covered entities” such as hospitals and health systems to violate the Privacy Rule under the Health Insurance Portability and Protection Act of 1996 (“HIPAA”). A stolen laptop or misplaced file can expose information that should be protected. Rarely, however, does a violation arise from the filming of a television show. But that’s exactly what happened in the case of New York Presbyterian Hospital (“NYP”), which recently entered into a settlement with the Department of Health and Human Services, Office for Civil Rights (“OCR”) for $2.2 million. Read More ›
Categories: HIPAA, Privacy
The term "competitive intelligence" is the process of legally gathering information about one's competitors to gain a strategic advantage in the marketplace. Large corporations will have strategic intelligence experts as a part of their marketing department. These experts specialize in discovering promotional activities, sales figures, and other information about the company's competitors. Ideally, strong competitive intelligence enables a company to predict the strategy of a competitor and adapt with a strategy of its own that will result in an advantage in the marketplace.
The good news is that small and medium-sized businesses are not usually the targets of professional competitive intelligence experts. However, a business owner would be wise to protect itself from amateur intelligence gathering by its competitors. Competitive intelligence gathering begins by identifying the strategy of your own business and how your competitor's strategy will interfere. Then the intelligence gathering begins. Read More ›
Categories: Privacy, Social Media
- Electronic Health Records
- Fraud & Abuse
- IT Contracts
- Cloud Computing
- Venture Capital/Funding
- Radio Broadcasts
- Intellectual Property
- Personal Publicity Rights
- Employee Benefits
- Did you Know?
- Digital Assets
- Domain Name Registration
- Social Media
- Trade Secrets