Privacy & Cybersecurity

Viewpoints

Filter by:

Privacy Shield is Finally Official

July 12, 2016 | Blog

The EU Commission has formally adopted Privacy Shield and the US Department of Commerce will go live with a new Privacy Shield registration website on August 1. US companies that had been registered under Safe Harbor will need to complete a new internal review, self-certification and registration to take advantage of Privacy Shield.
Read more

Privacy Shield Passes Art. 31 Hurdle; European Parliament LIBE Committee Advisory Vote Later Today

July 11, 2016 | Blog

The final version of Privacy Shield (which has not yet been officially published) passed the Article 31 Committee vote on July 8th and is being presented today to the LIBE committee of the European Parliament. LIBE’s vote is advisory, but it may provide some early indications as to how well Privacy Shield will survive anticipated legal attacks once it is formally adopted and implemented.
Read more

EU Adopts Cybersecurity Directive: What US Companies Need to Know

July 11, 2016 | Blog | By Michael Katz, Cynthia Larose

Not all the news coming out of Europe these days is about Brexit. In fact, the forces of unity and harmonization remain a top priority for European regulators hoping to combat digital security threats and create a safer and more secure environment for the entire online community.
Read more

Privacy Shield: Rumors of Progress

July 1, 2016 | Blog

According to several news reports, the Commission has sent a revised draft of the Privacy Shield adequacy decision to the Article 31 Committee. One tech industry news source, Ars Technica, has made available a purportedly leaked draft of the version of Privacy Shield that is being reviewed by the Article 31 Committee.
Read more

Colorado Student Data Privacy Bill - What EdTech software providers need to know

June 27, 2016 | Blog | By Julia Siripurapu, Cynthia Larose

Colorado is the latest state to revisit, and expand upon, its laws pertaining to the use and protection of student data. Colorado Governor John Hickenlooper recently signed into law House Bill 16-1423 (the “Bill”) designed to increase the transparency and security of personal information about students enrolled in Colorado’s public education system (K-12).
Read more

What does the Brexit vote mean for UK Data Protection?

June 24, 2016 | Blog

US companies and policy makers will no doubt spend a good chunk of the day today considering the possible implications for them of yesterday’s UK vote for Brexit. Mark Carney, Governor of the Bank of England, has issued a statement to calm the markets.
Read more

OCR Warns of HIPAA Risks in Third-Party Apps

June 22, 2016 | Blog | By Cynthia Larose

The U.S. Department of Health and Human Services Office for Civil Rights (OCR)  recently issued a warning regarding vulnerabilities in third-party applications used by entities covered by HIPAA. The OCR warning applies generally to HIPAA Covered Entities and Business Associates. 
Read more

Webinar Tomorrow - Cybersecurity Risk: Addressing the Human Factor

June 21, 2016 | Blog | By Cynthia Larose

The number one threat to a company's information (personal or confidential) is still its own employees. Data security and privacy training are the first lines of defense against negligent employee behavior.
Read more

Mintz Privacy Team Adds CISSP

June 21, 2016 | Blog | By Cynthia Larose

The Mintz Levin Privacy and Security team is pleased to welcome Brian H. Lam to our group of privacy and security professionals. Brian comes to Mintz with broad experience in data aggregation, network data security, and technology transactions - in particular, the role security infrastructure plays in both technology transactions and M&A transactions.
Read more

EU Privacy Shield Status Update

June 20, 2016 | Blog

While it’s making few headlines, the European Commission is still working to finalize Privacy Shield, and it’s even possible that Privacy Shield will pass a key hurdle by the end of this month. 
Read more

“Interim” No More: DHS and DOJ Publish Final CISA Guidance on Cybersecurity Sharing 

June 20, 2016 | Blog | By Cynthia Larose

The Department of Homeland Security (DHS) and the Department of Justice (DOJ) have issued the long-awaited final procedures for both Federal and Non-Federal Entities under the Cybersecurity Information Sharing Act (CISA) (“Final Procedures”) that provide information on how DHS will implement CISA. 
Read more

Practice Fusion and FTC Settle Complaint Over Deceptive Statements About the Privacy of Consumer-Generated Online Content

June 17, 2016 | Blog | By Julia Siripurapu, Cynthia Larose

Last week, the Federal Trade Commission (FTC) announced (press release) that Practice Fusion, the largest cloud-based electronic health company in the United States, has agreed to settle FTC charges over deceptive practices involving the public disclosure of healthcare provider review information collected from consumers that included sensitive personal and medical information.
Read more

Illinois Joins the Fray: Strengthens its Laws Around Data Breach Notification and Data Security

June 14, 2016 | Blog | By Michael Katz, Julia Siripurapu, Cynthia Larose

Sophisticated phishing scams and muscular hacking efforts continue to compromise personal and sensitive information held by insurers, hospital systems, and businesses large and small.
Read more

Innocents Abroad: Lost laptop with customer data

June 2, 2016 | Blog

In this edition of the “Innocents Abroad” series, Susan Foster discusses the privacy considerations that come into play when an employee loses a laptop containing customer data abroad!
Read more

Delta Wins CalOPPA Case - But Your Mobile App May Not Fly

June 1, 2016 | Blog | By Cynthia Larose

In a decision favorable to the airline industry—but not helpful to other companies—the California Court of Appeal said that a privacy enforcement action against Delta is not going to fly. On May 25, 2016, the Court of Appeal tossed the California Attorney General’s CalOPPA enforcement action against Delta Airlines, affirming the lower court’s 2013 dismissal of the case with prejudice.
Read more

Innocents Abroad: Privacy Considerations for Employers

May 24, 2016 | Blog | By Cynthia Larose, Michael Katz

Mintz Levin's Immigration Law Blog is running a series titled "Innocents Abroad" addressing issues in an increasingly globalized economy where employers assign employees all over the globe.
Read more

Supreme Court Decision in Spokeo Breathes Life Into Standing Defenses

May 16, 2016 | Blog | By Kevin McGinty

In its just-issued decision in Spokeo, Inc. v. Robins, No. 13-1339, slip op. (May 16, 2016), the Supreme Court has held that a plaintiff bringing suit under a federal statute must allege the existence of a concrete injury in order to have Article III standing to bring that statutory claim.
Read more

PCI DSS 3.2: It’s here, what does it mean for you?

May 9, 2016 | Blog | By Cynthia Larose, Julia Siripurapu

The Payment Card Industry Security Standards Council (PCI SSC) has released a new version of its data security standard for the protection of cardholder data, the Payment Card Industry Data Security Standard (PCI DSS).
Read more

Save the Date: GDPR goes into effect May 25, 2018

May 5, 2016 | Blog

We now have a precise date for the European Union's General Data Protection Regulation to go into effect: May 25, 2018.  
Read more

Breach Response Portal Added by Massachusetts Regulator

April 27, 2016 | Blog | By Cynthia Larose

If you have had to provide data breach notices across any number of states (and who hasn't....), you would know that they vary widely in how those notices must be provided to state regulators. 
Read more

Subscribe

Sign up to receive email updates from Mintz.
Subscribe Now
what-were-reading

What We're Reading

ccpa-toolkit

California Consumer Privacy Act (CCPA) – Toolkit

Mintz Matrix

The Mintz Matrix

Find data breach notification laws by state

Viewpoint Editors

Explore Other Viewpoints:

I'm Looking For...