Privacy & Cybersecurity

Viewpoints

Filter by:

Privacy Monday - November 10, 2014 - Five Things to Start Your Week

November 10, 2014 | Blog | By Cynthia Larose

Welcome to Privacy Monday - here are five privacy & security bits and bytes to start your week:
1)  California AG's Data Breach Report: Who Is Handling Your Patients' Confidential Health Information?
Read more

Home Depot Data Breach Litigation: Venue and Consolidation

November 5, 2014 | Blog | By Cynthia Larose

Substantive litigation in the flood of lawsuits concerning the recent Home Depot data breach awaits a determination of where the cases will be heard.  Numerous overlapping lawsuits have been filed in courts throughout the United States asserting claims on behalf of consumers and financial institutions arising from the massive theft of credit card data that was confirmed by Home Depot in September.
Read more

Court Dismisses Shareholder Derivative Action Targeting Directors and Officers for Data Breaches

October 22, 2014 | Blog | By Cynthia Larose

A federal district court in New Jersey has dismissed with prejudice a shareholder derivative suit, Palkon v. Holmes, No. 14-CV-01234 (SRC) (D.N.J.), that tried to blame the directors and officers at hospitality company Wyndham Worldwide Corporation (“Wyndham”) for a series of data breaches.
Read more

A Different Kind of “Virus”: FDA Follows NIST Framework in Cybersecurity Guidance for Medical Devices

October 8, 2014 | Blog | By Cynthia Larose

In past posts we’ve taken a close look at the Framework for Improving Critical Infrastructure Cybersecurity put forth by the National Institute of Standards and Technology (NIST), exploring its wide-ranging implications for companies across a number of different industries.
Read more

Nude Photos and National Cyber Security Awareness Month

October 2, 2014 | Blog | By Cynthia Larose

October is National Cyber Security Awareness Month. This is an opportunity to remind employees (and yourselves) about how to keep corporate networks and their own cyber lives secure.
Read more

Notes from the Joint OCR/NIST HIPAA Security Conference

October 1, 2014 | Blog | By Cynthia Larose

As a service to our readers, we have distilled last week’s joint HHS Office of Civil Rights (OCR) and National Institute of Standards in Technology (NIST) conference, “Safeguarding Health Information: Building Assurance through HIPAA Security” into three phrases:  (i) risk assessment, (ii) workforce training, and (iii) adequate encryption. 
Read more

Time to Step Up Your COPPA Compliance

September 25, 2014 | Blog | By Cynthia Larose

As we promised in our post on the Yelp and TinyCo Federal Trade Commission COPPA enforcement actions, the Mintz Privacy Team has prepared an extensive review and analysis of both actions, and a helpful guide to avoiding COPPA violations.
Read more

Privacy Monday - September 22, 2014

September 22, 2014 | Blog | By Cynthia Larose

Happy autumnal equinox
Home Depot Breach - By the Numbers
Read more

BREAKING NEWS: THE COPPA ENFORCEMENT ACTIONS ARE HERE!

September 17, 2014 | Blog | By Cynthia Larose

As we predicted in prior blog posts (here and here), the Federal Trade Commission has begun its vigorous enforcement of the Amended COPPA Rule.  And one of the players is not a child-related site, so read on. 
Read more

NIST Issues Draft Report Enumerating Risks and Protections to Consider When Evaluating Mobile Apps for Your Enterprise

September 12, 2014 | Blog | By Cynthia Larose

As the world recovers from the excitement leading up to Tuesday’s Apple Live Event announcement of the new iPhone 6 and Apple Watch, mobile app developers are chomping at the bit to create software that leverages the new operating system and Apple’s widely-anticipated “HealthKit,” a purportedly secure platform that allows mHealth apps to share user’s health and fitness data with the new Health app and with each other. 
Read more

California Sets the Curve with New Regulations on Collection and Use of Student Data

September 5, 2014 | Blog | By Cynthia Larose

When one thinks of the use of technology in school, often the first image that comes to mind is of students sending ill-advised Snapchats and making in-app purchases that line the pockets of the Kardashian family, rather than paying attention in geometry. 
Read more

Another day, another data breach.....DIYers, beware. This time it's Home Depot.

September 3, 2014 | Blog | By Cynthia Larose

It appears that the data breach victim of the week (perhaps of the year) is The Home Depot. Brian Krebs has reported that it appears that two large dumps of purloined credit card numbers have made an appearance on the black market and that those numbers may have originated at Home Depot locations. 
Read more

"Backoff" Update -- More Widespread, PCI Council Issues Call to Action -- If You Accept Credit Cards Via Point-of-Sale, You Need to Read This

August 28, 2014 | Blog | By Cynthia Larose

Some weeks ago, we wrote a piece "What You Need to Know About Backoff Malware: The New Threat Targeting Retailers". It's apparently gotten worse. Any business utilizing point-of-sale (POS) terminals for "swiping" credit cards needs to pay attention to this threat and assess vulnerability.
Read more

NIST Seeks Comments on Cybersecurity Framework

August 28, 2014 | Blog

The National Institute of Standards and Technology (NIST), publishers of the Framework for Improving Critical Infrastructure Cybersecurity (the “Framework”) last February, have published a Request for Information in the Federal Register seeking comments on industry experience with the Framework to date. 
Read more

Do you want your under 13 kid to have a Gmail or YouTube account? Google does.....

August 22, 2014 | Blog | By Cynthia Larose

According to recent media reports, Google is allegedly designing a Google account for children under 13 which would permit children in this age group to officially create  their own Gmail account and to access a kid-friendly version of YouTube.
Read more

Data Privacy and Security Roundtable: Anticipating the Inevitable

August 22, 2014 | Blog | By Cynthia Larose

Technology, retail, medical, financial services, education ..... and more experience data losses on a daily basis through employee negligence, poor controls, insider attacks, advanced persistent threats from malevolent outsiders or computer viruses.
Read more

Wearable Devices in the Workplace Challenge Data Security and Privacy

August 21, 2014 | Blog

Wearable devices, including health and activity monitors, video and audio recorders, location trackers, and other interconnected devices in the form of watches, wristbands, glasses, rings, bracelets, belts, gloves, earrings and shoes are being heavily promoted in the next wave of consumer electronics.
Read more

Massive Data Breach Affects 4.5 Million Patients in 29 States

August 20, 2014 | Blog | By Cynthia Larose

Community Health Systems, Inc. (the “Company”), one of the largest hospital organizations in the country, announced via a public filing (Form 8K) made yesterday with the Securities and Exchange Commission (“Report”) that the Company was the target of a cyber attack that compromised the health data of 4.5 million individuals.
Read more

Cybersecurity Risks: Discussion for the Board Room (and for the General Counsel)

August 19, 2014 | Blog | By Cynthia Larose

The issue of cyberliability risk is finally making its way to the board room. We have written about the importance of board education and board involvement in the assessment of cyber threats and liability risk and the Securities and Exchange Commission is looking carefully at public company disclosures of cybersecurity risks as a factor for the investing public. 
Read more

Google, the House of Lords and the timing of the EU Data Protection Regulation

August 19, 2014 | Blog

 (LONDON) Could the European Court of Justice’s May 13, 2014 Google Spain decision delay the adoption of the EU Data Protection Regulation?
Read more

Subscribe

Sign up to receive email updates from Mintz.
Subscribe Now
what-were-reading

What We're Reading

ccpa-toolkit

California Consumer Privacy Act (CCPA) – Toolkit

Mintz Matrix

The Mintz Matrix

Find data breach notification laws by state

Viewpoint Editors

Explore Other Viewpoints:

I'm Looking For...