Privacy & Cybersecurity

Viewpoints

Filter by:

California by the Numbers (Part 1): 24 Million Compromised in 2015

February 25, 2016 | Blog | By Cynthia Larose, Julia Siripurapu

California Attorney General Kamala Harris has released a report of the data breaches that have been reported to her office from 2012 until 2015.
Read more

Ransomware Strikes California Hospital - Could You Be Next?

February 23, 2016 | Blog | By Cynthia Larose

In a chain of events that should be a wake-up call to any entity using and storing critical health information (and indeed, ANY kind of critical information), Hollywood Presbyterian Medical Center (“HPMC”) has announced that it paid hackers $17,000 to end a ransomware attack on the hospital’s computer systems.
Read more

Cyber Threat Information Sharing Guidelines Released by DHS

February 18, 2016 | Blog | By Christopher Harvie, Cynthia Larose

This week, the Federal government took the first steps toward implementation of the The Cybersecurity Information Sharing Act (CISA), enacted into law last December. 
Read more

Judicial Redress Act passes the House with the Senate Amendments

February 11, 2016 | Blog

The amended Judicial Redress Act has passed the House and is on its way to the president to be signed into law.  
Read more

Amended version of Judicial Redress Act passes the Senate; now goes back to the House

February 10, 2016 | Blog

The US Senate passed the amended version of the Judicial Redress Act on February 9. The amendments, which tie the Umbrella Agreement to Safe Harbor 2.0 (now dubbed the US-EU "Privacy Shield"), now go back to the House for approval.
Read more

Will free apps soon be dead in Europe?

February 9, 2016 | Blog

As we’ve discussed previously, the GDPR significantly limits user consent as a basis for processing personal data. One interesting question is whether the new rules on consent will kill free apps in Europe. 
Read more

Latest OCR Enforcement Action: Underbed Storage is Not Appropriate for PHI

February 5, 2016 | Blog | By Cynthia Larose

Recent enforcement actions by the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) have highlighted that, not surprisingly, covered Entities should not leave medical records in a physician’s driveway and should not dispose of protected health information (“PHI”) in a dumpster from an action against a home health care provider announced yesterday, we can now add to that list the fact that PHI should not be stored under an employee’s bed or in a kitchen drawer.
Read more

Commission Press Release and FTC Fact Sheet outlines the new EU-US "Privacy Shield"

February 3, 2016 | Blog

The European Commission has issued a press release that gives an outline of some key changes to the EU-US safe harbor, now dubbed the "Privacy Shield."
Read more

EU update: Safe Harbor 2.0 deadline passes without agreement; Art. 29 WP views on BCRs and model clauses expected tomorrow

February 2, 2016 | Blog

No news is not good news this time. The January 31 deadline for getting a new Safe Harbor Agreement in place came and went last weekend.  
Read more

Political Agreement Reached on US-EU Safe Harbor; Details "Hazy"

February 2, 2016 | Blog | By Cynthia Larose

According to press reports, European Union and U.S. negotiators in Brussels finalized what is being called a "political agreement" on a new Safe Harbor transatlantic data transfer agreement. European Union justice commissioner Vera Jourová will present the agreement to the European Commission's 28 commissioners today.
Read more

Running Aground in the Surveillance Safe Harbor - Podcast Available

January 29, 2016 | Blog

If you would like to learn more about the politics and law behind the current Safe Harbor 2.0 negotiations, download the podcast of Running Aground in the Surveillance Safe Harbor, a teleforum hosted by the Federalist Society.  
Read more

Tying it all together: Safe Harbor and Security-Related Data Flows

January 29, 2016 | Blog

One of the fascinating aspects of the privacy-related negotiations between the EU and the US over the past couple of years has been the EU’s efforts to decouple trade (e.g, TTIP) and security-related negotiations from the Safe Harbor 2.0 negotiations.
Read more

(So) What if there’s no Safe Harbor 2.0?

January 28, 2016 | Blog

There’s no doubt businesses in the EU and US would breathe a sigh of relief if a new Safe Harbor agreement is put in place between before European data protection authorities start prosecuting companies for potentially illegal personal data transfers to the US. 
Read more

Ringing Off The Hook: TCPA Issues Still At Forefront As Calendar Turns To 2016

January 21, 2016 | Blog | By Paul Abbott

We may only be three weeks into 2016, but the Telephone Consumer Protection Act (“TCPA”) has already received a considerable amount of attention this year.
Read more

The Exception that Proves the Rule? European Court of Human Rights Okays Employer’s Access to Personal Communications of Employee In (Highly) Limited Circumstances

January 19, 2016 | Blog

The European Court of Human Rights recently ruled in Bărbulescu v. Romania (Application no. 61496/08) that a Romanian employer did not violate its employee’s fundamental right of privacy when the employer accessed personal messages in the employee’s Yahoo! Messenger account.
Read more

The Problem With Data Security is not the Hardware or the Software, It’s the Wetware

January 13, 2016 | Blog | By Cynthia Larose, Kevin McGinty

“Wetware” – coder slang for biological life forms (i.e., people) – is the weak link in most companies’ data security protections, according to a new data security report issued by the Association of Corporate Counsel (ACC). 
Read more

Cybersecurity Tops SEC Office of Compliance Inspections 2016 Examination Priorities

January 12, 2016 | Blog | By Cynthia Larose

The 2016 lists are starting to be released by regulatory agencies in the United States, giving a heads' up to covered entities as to what compliance issues will take front and center this year.  Once again, the Office of Compliance Inspection (OCIE) of the US Securities & Exchange Commission (SEC) has put cybersecurity on the top of its examination priorities.
Read more

Massachusetts Court: Patients Have Standing to Sue for Data Breach Based on Data Exposure Alone

January 4, 2016 | Blog | By Kevin McGinty

A Massachusetts Superior Court judge held that a plaintiff has standing to sue for money damages based on the mere exposure of plaintiff’s private information in an alleged data breach.
Read more

Happy New Year - Cybersecurity Information Sharing Act

January 4, 2016 | Blog | By Christopher Harvie, Cynthia Larose

Just at the end of 2015, the Cybersecurity Information Sharing Act (CISA) was enacted into law as part of the omnibus spending measure passed by Congress and signed by President Obama at right before Christmas. 
Read more

The EU Commission's spin on the new General Data Protection Regulation

December 22, 2015 | Blog

The European Union Commission has issued a fact sheet on the new General Data Protection Regulation (final post-trilogue text available via Statewatch).  The Commission claims that the Regulation is good for individuals and good for business.
Read more

Subscribe

Sign up to receive email updates from Mintz.
Subscribe Now
what-were-reading

What We're Reading

ccpa-toolkit

California Consumer Privacy Act (CCPA) – Toolkit

Mintz Matrix

The Mintz Matrix

Find data breach notification laws by state

Viewpoint Editors

Explore Other Viewpoints:

I'm Looking For...