Skip to main content

Privacy & Cybersecurity


Filter by:

Cybersecurity and the 401(k) Plan Sponsor

February 22, 2018 | Blog | By Cynthia Larose

Mintz Levin Benefits attorney Patricia Moran recently authored an article for  the Society for Human Resources Management's latest publication describing the cybersecurity risks involved with 401(k) Plan sponsorship.
Read more

How to Leverage Privacy as a Key Competitive Advantage

February 20, 2018 | Blog | By Cynthia Larose, Brian Lam

We've discussed privacy compliance with regulations, legal requirements, etc. in the space since this blog's inception. "Privacy by design" - while not a new concept - is certainly enjoying a new spot in the sunshine thanks to the European Union's General Data Protection Regulation ("GDPR") (93 days and counting...) and its codification of "privacy by design and default" in Article 25.
Read more

Deadline Approaching under NY Cybersecurity Regulations

February 13, 2018 | Blog | By Cynthia Larose

If your company is one of the broad group of businesses licensed by the New York Department of Financial Services (NY DFS), a very important deadline is bearing down on February 15. Regulated entities have under Thursday to attest to their compliance with the first-in-the-U.S. cybersecurity regulations (details and links are in blog post below). 
Read more

Practical GDPR Steps for US-Headquartered Life Sciences Companies

February 12, 2018 | Blog | By Susan Foster, Cynthia Larose

In case you had not heard, the European Union is replacing its current privacy laws with a new, comprehensive General Data Protection Regulation (GDPR), which takes effect May 25, 2018.
Read more
The U.S. Supreme Court heard oral arguments in what may become one of the defining consumer privacy cases of our generation. The central question in Carpenter v. United States asks whether the government violates the Fourth Amendment by accessing an individual’s historical cell phone locations records without a warrant.
Read more

GDPR - European Commission Unveils Guidance Website

January 26, 2018 | Blog | By Susan Foster

The European Commission has launched a new data protection website aimed at educating the public and helping businesses and other organizations comply with their new obligations under the General Data Protection Regulation.
Read more
Recently, there has been a lot of discussion regarding the Spectre and Meltdown vulnerabilities. This alert provides a simple overview of what these vulnerabilities are, what systems could be affected, as well as steps that companies can take to reduce the risks that these vulnerabilities create.
Read more

Welcome to 2018 - Here Comes the GDPR

January 3, 2018 | Blog | By Cynthia Larose

Happy 2018. You may notice a new widget in the right sidebar of our home page. Now you have a reminder as to just how close we are to the GDPR D-Day. GDPR is real. GDPR is here.
Read more

Monthly TCPA Digest

December 20, 2017 | Blog | By Cynthia Larose

This month’s issue examines four recent rulings from Seventh Circuit trial courts regarding an FCC rule under the TCPA that mandates opt-out language on solicited faxes, or those sent with the recipient’s consent.
Read more
Biometric data is a hotbed of activity these days. We've discussed the frenetic pace at which class actions are being filed in Illinois under the Biometric Information Privacy Act. 
Read more

Consent under the GDPR: Official Guidance Now Available

December 19, 2017 | Blog | By Susan Foster

One of the most striking changes to EU privacy law under the EU’s General Data Protection Regulation (which goes into effect May 25, 2018) is the very strict approach to user consent.
Read more
The National Association of Insurance Commissioners (NAIC) has approved its draft of the Insurance Data Security Model Law (Model Law) via a meeting of its Executive and Plenary Committees. 
Read more

Two Data Breach Bills Introduced in US Senate

December 11, 2017 | Blog | By Joanne Dynak, Cynthia Larose

As we near the end of a year that has seen more than its share of massive data breaches, two bills have been introduced (one re-introduced) in the U.S. Senate. 
Read more

EU General Data Protection Regulation Webinar Series – Recordings

December 4, 2017 | Blog | By Cynthia Larose, Susan Foster

Since last September, the Mintz Levin Privacy Webinar Series has focused on the upcoming EU General Data Protection Regulation (GDPR) to help businesses understand the reach and scope of the GDPR and prepare for the potentially game-changing privacy regulation.
Read more
Recently proposed legislation in Ohio could provide businesses with special protection from lawsuits in the event of a hack under certain circumstances. Senate Bill 220 would shelter businesses that have been proactive in instituting defenses to guard against data breaches.
Read more

HIPAA and Other Privacy Considerations at Play when Building a Health App

November 8, 2017 | Blog | By Dianne Bourque, Cynthia Larose

Consumers are increasingly turning to health apps for a variety of medical and wellness-related purposes. This has in turn caused greater amounts of data—including highly sensitive information—to flow through these apps.
Read more

The GDPR Roadshow - Coming Soon!

November 7, 2017 | Blog | By Cynthia Larose

The clock is ticking down to May 25, 2018 , the date that the European Union's General Data Protection Regulation (GDPR) goes into effect. The GDPR is likely to be a game-changer for US companies doing business with the European Union, and many are racing against the clock to figure out exactly what their compliance obligations are.
Read more
Has your company recently beefed up its employee identification and access security and added biometric identifiers, such as fingerprints, facial recognition, or retina scans? Have you implemented new timekeeping technology utilizing biometric identifiers like fingerprints or palm prints in lieu of punch clocks?
Read more
The Federal Trade Commission (FTC) clarified in recent guidance how the Children’s Online Privacy Protection Act (COPPA) applies to internet-connected device companies and other businesses that collect and use children’s voice recordings.
Read more
The Article 29 Working Party (WP29) advisory group, which will soon become the more transparently-named (and very powerful) European Data Protection Board, is busy drafting and issuing guidance documents to help organizations understand how European data protection authorities will interpret various requirements of the General Data Protection Regulation (GDPR). 
Read more
Sign up to receive email updates from Mintz.
Subscribe Now

Explore Other Viewpoints: