Skip to main content

Privacy & Cybersecurity

Viewpoints

Filter by:

Rx for HIPAA Compliance

May 17, 2013 | Blog | By Cynthia Larose

Weighing in at half the length of Tolstoy's legendary tome War and Peace, it is no surprise that the thought of the impending deadline for compliance with the 538-page  HIPAA Omnibus Rule  has left many small clinical practices feeling overwhelmed.  
Read more

July 1 COPPA Compliance Deadline is Approaching

May 15, 2013 | Blog | By Cynthia Larose

Today, the FTC sent more than ninety (90) "educational" letters to domestic and foreign businesses whose Web sites and online services (including mobile apps) appear to collect personal information from children that are 12 years old and under, in an attempt to help the businesses come into compliance with the amendments to the Children’s Online Privacy Protection (COPPA) Rule (the “Amendments”), going into effect on July 1.
Read more
(LONDON) We recently wrote that a crucial committee vote on the new EU Data Protection Regulation had been pushed back until May 29-30.   The vote has been delayed again until an unspecified future date, although Jan Phillip Albrecht, the MEP who is one of the leading advocates for the Regulation, still thinks that a committee vote will be possible before the European Parliament’s July recess. 
Read more

Upcoming Events

April 30, 2013 | Blog | By Cynthia Larose

Mark your calendars:  Upcoming events with Mintz Levin privacy attorneys
Read more

Data Breach at Gunpoint

April 25, 2013 | Blog | By Cynthia Larose

You might think that if you lock your backup tapes in a safe they are protected from a data breach, but Kmart’s recent data breach proves that’s not the case.  Last month, a person held a Kmart employee in Little Rock, Arkansas at gun point and ordered him to open the store’s safe.
Read more
Volley #1 - Trade Associations to FTC:  Please Delay!
The long-awaited amendments to the Children's Online Privacy Protection Act (COPPA) have been the subject of much discussion and debate.  
Read more
(LONDON) The draft of the new Data Protection Regulation, the first EU privacy law with highly serious teeth in the form of fines based on global turnover, continues to wend its way through various committees of the European Parliament (EP).
Read more
Last week in Washington, D.C., this author had the opportunity to sit in on a panel discussion by the SEC’s Division of Corporation Finance (“CorpFin”) discussing, among other things, recent developments in cybersecurity disclosure in public company filings.
Read more

Yet Another Zip Code Class Action Filed in Massachusetts

April 9, 2013 | Blog | By Cynthia Larose

Earlier this month, we reported on the privacy case against craft giant Michaels Stores (see our blog post here, as well as our client alert here) in which the plaintiff alleged that Michaels illegally collected zip codes during credit card transactions.
Read more

Hannaford Data Breach Class Action Certification: Denied

April 2, 2013 | Blog | By Cynthia Larose

Damages issues continue to bedevil would-be data breach class action plaintiffs. A long and growing line of cases holds that consumers cannot maintain claims arising from theft of their personal or financial data without alleging that the theft resulted in financial injury.
Read more
After rounds of comments and public workshops, the FTC has finally released an update to its digital advertising disclosure guidelines. The FTC first released guidance on digital advertising in 2000 and last May the FTC requested comments on how the guidelines could be updated.
Read more

Zip Code as Personal Information: The Massachusetts Round 2

March 12, 2013 | Blog | By Cynthia Larose

Yesterday, the Massachusetts Supreme Judicial Court (“SJC”) ruled that zip codes constitute “personal identification information” under G.L. c. 93. The question of law came to the SJC from the U.S. District Court for Massachusetts stemming from Tyler vs. Michaels Store, Inc, which was dismissed in January.
Read more

Privacy and Security Not the Only Concerns in the Cloud

March 12, 2013 | Blog | By Cynthia Larose

Security and privacy are the most frequently expressed concerns about cloud computing (defined for this article to include software as a service, platform as a service and storage as a service), but for companies that engage in research, design, development, manufacturing and servicing of items that are subject to U.S. export controls, cloud computing poses another risk that must be properly managed to avoid the substantial penalties that flow from unlicensed exports of technical data.
Read more

Setback for Apple in iPhone MDL

March 12, 2013 | Blog | By Cynthia Larose

In a case about exposing user data, Apple suffered a setback due to its concealment of information in litigation. Last week, in the multi-district litigation, In Re iPhone Application Litigation, Judge Lucy Koh of the Northern District of California denied Apple’s motion for summary judgment in a putative class action by iPhone and iPad owners who allege that Apple enabled violations of their privacy rights through “apps.”
Read more

To the Nation's Largest Banks: Thanks for Reading

March 12, 2013 | Blog | By Cynthia Larose, Adam Veness

It seems that some of the nation’s largest public company banks must be avid readers of this blog and have taken to heart our 2013 prediction that the SEC would require greater disclosure related to data security risks and breaches. 
Read more
Perhaps we are being cynical, but if we imagine the current conversation between consumers and the makers of mobile payment applications, it would be something along the lines of:
Read more

Activity at the Federal Trade Commission

February 28, 2013 | Blog | By Cynthia Larose

There is much going on at the Federal Trade Commission (FTC)  these days, particularly in the privacy arena. In addition to the settlements discussed below, today the White House confirmed that President Obama will nominate Edith Ramirez as Chair of the FTC, replacing outgoing Chairman Jon Leibowitz.
Read more

The New HIPAA Omnibus Rule & Your Liability -- A Detailed Review

February 17, 2013 | Blog | By Cynthia Larose

As we have reported in this blog, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) recently released final regulations containing modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules (Omnibus Rule).
Read more

Detailed Summary of Cybersecurity Executive Order

February 15, 2013 | Blog | By Cynthia Larose

Our colleagues in our Washington, DC office have prepared a detailed summary of the President's Cybersecurity Executive Order.
Read more

Business Associates Beware

February 11, 2013 | Blog | By Cynthia Larose

If you haven't yet caught up with the new HIPAA Omnibus Rule and its consequences for those businesses who are not themselves healthcare providers, but are service providers to healthcare entities (and even further downstream than that....), you can take a listen to our recent webinar highlighting the most important changes and issues.
Read more

Explore Other Viewpoints: