Privacy & Cybersecurity

Viewpoints

Filter by:

HITECH Act Compliance Date Arrived -- Without the Promised Regulatory Guidance

February 22, 2010 | Blog | By Cynthia Larose

We have been so focused on the upcoming Massachusetts data security deadline, that we let one last week go without fanfare. As we have gently reminded you on several occasions, the new HIPAA privacy and security rules contained in the Health Information Technology for Clinical and Economic Health Act (HITECH) became effective on February 17th.
Read more

Countdown to compliance with 201 CMR 17.00.....11 days

February 17, 2010 | Blog | By Cynthia Larose

As we approach the 10 day mark to the March 1 effective date of the Massachusetts data security regulations, 201 CMR 17.00, we thought that we would share another misapprehension in the ever-growing list.
Read more

Tracking the cookie crumbs

February 1, 2010 | Blog | By Cynthia Larose

Disabling cookies may not be the answer to controlling your online identity. Regardless of whether you have cookies enabled or not, Web sites collect certain amounts of operational information about your browser.
Read more

Data Privacy Day Tip #2 - HITECH Act

January 28, 2010 | Blog | By Cynthia Larose

Effective February 17, 2010, significant new compliance obligations will be imposed on business associates through the HITECH provisions of the American Recovery and Reinvestment Act of 2009 ("ARRA").
Read more

Security Bits and Bytes

January 8, 2010 | Blog | By Cynthia Larose

A few items to wrap up/review privacy and security issues in 2009 and open up 2010:
Read more

New Regulations Propose a Definition of 'Meaningful Use'

January 4, 2010 | Blog | By Cynthia Larose

On December 30, 2009, the Centers for Medicare & Medicare Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) issued interim final rules necessary to implement electronic health record (EHR) incentive programs enacted under the American Recovery and Reinvestment Act of 2009.
Read more

The real cost of data breaches - Heartland to pay Amex $3.5 million

December 21, 2009 | Blog | By Cynthia Larose

According to its 8-K filing with the Securities and Exchange Commission (SEC), Heartland Payment Systems Inc. has agreed to pay American Express Travel Related Services Co. Inc. just over $3.5 million to settle any claims arising out of a massive payment card data breach.
Read more

More Detail on Quan Case

December 16, 2009 | Blog | By Cynthia Larose

My colleague, Martha Zackin, has published a more extensive discussion of the issues before the U.S. Supreme Court in the Quan case --
Read more

Holiday Privacy Watch: Take care before you donate that cell phone

December 8, 2009 | Blog | By Cynthia Larose

During the holiday season, many organizations are soliciting donations of old cell phones to be repurposed. This is an excellent way to "reuse, reduce, and recycle" and puts those useless (to you) items to use in a positive way, but please remember -- important and private data reside in your cell phone's internal memory, even if your phone has a removable SIM card.
Read more

Court issues written opinion explaining decision regarding applicability of Red Flags Rule to attorneys

December 3, 2009 | Blog | By Cynthia Larose

As we first blogged here, hours before the last Red Flags enforcement deadline, a federal court judge in the D.C. Circuit ruled from the bench that attorneys would not be subject to the Red Flags Rule. The court released Judge Walton's written opinion was released on December 1, 2009, which provides clarification of his comments from the bench.
Read more

$1.8 Million Verdict in Pretexting Case

October 29, 2009 | Blog | By Cynthia Larose

A Cook County, Illinois jury recently awarded $1.8 million dollars to Kathy Lawlor, who claimed that her former employer, North American Corp. of Illinois, violated her privacy rights by hiring a private investigator who fraudulently obtained her telephone records through the use of “pretexting” – or by pretending to be Lawlor herself.
Read more

More on the real cost of the Heartland breach

October 7, 2009 | Blog | By Cynthia Larose

Nearly 10 months after disclosing a months-long data breach that affected millions of consumers, the financial impact of the Heartland data breach continues to unfold.
Read more

Vets Data At Risk? Again?

October 6, 2009 | Blog | By Cynthia Larose

Wired.com reports on a possible breach at -- of all places -- the National Archives and Records Administration (NARA) that, if verified, could affect tens of millions of records about U.S. military veterans.
Read more

Check your employee handbook - what you might think is fraud and abuse may not be a federal case....

September 25, 2009 | Blog | By Cynthia Larose

My colleagues over at the Employment Matters blog report on an interesting decision drawing attention to the need for clear and explicit policies regarding "acceptable use" of computers and company information and the absolute necessity to terminate access once an employee or contractor is terminated.
Read more

What is "reasonable expectation of privacy" in an employment context?

September 21, 2009 | Blog | By Cynthia Larose

A recent decision by the Maine Supreme Court highlights the tension between an employee's reasonable expectation of privacy in conducting personal business through a company's computer system and the individual's right to prevent the company's publishing of such material.
Read more

BREAKING NEWS - Changes to 201 CMR 17.00

August 17, 2009 | Blog | By Cynthia Larose

Just released - proposed amendments to the Massachusetts data security regulations -- and a three-month extension of time to comply. Stay tuned for a full analysis.
Read more

Privacy and Security Bits and Bytes

August 14, 2009 | Blog | By Cynthia Larose

Just some nuggets to wrap up the week:
Read more

Data Breach du Jour ....

August 14, 2009 | Blog | By Cynthia Larose

The Associated Press reports that American Express has notified some card-holders that their information may have been compromised. According to an American Express spokesperson, the breach resulted from an employee’s recent theft of data.
Read more

Do you market to 'tweens?? Better watch out for the new Maine law.....

July 24, 2009 | Blog | By Cynthia Larose

Maine Governor John Baldacci has signed a sweeping new law called "An Act to Prevent Predatory Marketing Practices to Minors." While that is a laudatory effort and responsible marketers would not want to be predatory, it is not difficult to see this law as overreaching.
Read more

State BT Legislation

July 13, 2009 | Blog | By Cynthia Larose

Much as it is with general federal privacy legislation, nature abhors a vacuum, and the states take up the "hot potato."
Read more

Subscribe

Sign up to receive email updates from Mintz.
Subscribe Now
what-were-reading

What We're Reading

ccpa-toolkit

California Consumer Privacy Act (CCPA) – Toolkit

Mintz Matrix

The Mintz Matrix

Find data breach notification laws by state

Viewpoint Editors

Explore Other Viewpoints:

I'm Looking For...