Skip to main content

Privacy & Cybersecurity

Viewpoints

Filter by:

Nemours Children’s Health System has reported the loss of three, unencrypted computer backup takes containing patient billing and employee payroll data.  The tapes had been stored in a locked cabinet, and were reported missing on September 8th. 
Read more
We have a new expert in the house for cybersecurity, privacy and technology issues. Our government relations affiliate, ML Strategies has announced a new Manager of Government Relations,  Rachel Sanford. 
Read more
We update the myriad of state data breach notification laws on a quarterly basis in what we fondly call the Mintz Data Breach Matrix. Hot off the presses is the version current as of October 1, 2011. 
Read more
In an important ruling for Internet service providers, the U.S. Court of Appeals for the Ninth Circuit has  unanimously affirmed the ruling of a district court that the provisions of the Electronic Communications Privacy Act of 1986 (ECPA) prohibiting internet service providers from disclosing the contents of stored communications protect the U.S.-stored electronic communications of foreign citizens.
Read more
Connecticut Attorney General George Jepsen has announced the creation of a Privacy Task Force to help educate the public about data protection requirements and to focus his Office’s response to Internet privacy concerns and data breaches that affect consumers.
Read more
The Federal Trade Commission has released its long anticipated proposed revisions to its rule implementing the Children’s Online Privacy Protection Act (“COPPA”). COPPA governs (1) operators of websites and online services that are directed to children under the age of 13 and (2) operators of general audience websites or online services that have actual knowledge that a user is under 13. 
Read more
In a mixed decision, a federal court judge in New York dismissed federal statutory claims arising from Web-based advertisers' use of cookies that tracked users' Web browsing activities, but denied a motion to dismiss claims under state law.
Read more
Recently the California Public Utilities Commission (CPUC) in a unanimous decision approved data protection rules for the following Smart Grid providers: Pacific Gas and Electric Company, Southern California Edison, San Diego Gas and Electric Company, and the companies that assist them in utility operations, companies under contract with the utilities, and other companies that, after authorization by a customer or by the action of the CPUC, gain access to such customer's usage data directly from the utility.
Read more
Texas covered entities (health care providers, health insurers and clearinghouses) and other entities that use and disclose PHI of Texas residents using electronic health records (EHRs) face new risks and stringent requirements under HB300, a new Texas privacy law. 
Read more
It is time for covered entities and business associates to jump start HIPAA privacy and security programs and make sure that everything is in compliance.   GovInfoSecurity reports that the Department of Health and Human Services (HHS) has awarded a $9.2 million contract to KPMG to develop protocols for conducting the long-awaited HITECH Act-mandated HIPAA compliance audit program. 
Read more
Regular readers of this blog will be familiar with my view that difficulty in proving actual damages poses challenges to would-be plaintiffs in privacy class actions. 
Read more
In a settlement announced by the Federal Trade Commission (“FTC”) on June 27, 2011, Teletrack, Inc. agreed to pay $1.8 million to settle FTC charges that it violated the Fair Credit Reporting Act (“FCRA”) by selling consumer reports to marketers without a “permissible purpose.”
Read more
Bank Info Security reports that a magistrate for the U.S. District Court in Maine issued an Order that further defines what constitutes “reasonable” security practices.
Read more
On Monday, a federal judge in Los Angeles issued an order granting final approval to a previously-announced settlement of consolidated class actions alleging that the use of so-called “flash cookies” in connection with advertising on web sites resulted in unauthorized tracking of web users’ browsing activity.
Read more
The United States District Court for the Northern District of California has dismissed the claims of the plaintiffs against Facebook in the case of In re: Facebook Privacy Litigation. 
Read more
The Chairman of the Federal Trade Commission, Jon Leibowitz, said: It's the law, it's the right thing to do, and, as today's settlement demonstrates, violating COPPA will not come cheap.
Read more
With the inevitability of death and taxes, data breaches spawn class action lawsuits. The massive Sony PlayStation Network data breach has now resulted in the filing of a class action in federal court in Massachusetts captioned Thompson v. Sony Computer Entertainment. 
Read more
There have been hundreds of articles written in the past week on the Sony Playstation Network breaches. Cynthia Larose, chair of Mintz Levin's Privacy and Data Security practice, has been quoted in several articles over the weekend, including The Wall Street Journal, Reuters, and The Chicago Tribune.
Read more
We've had the Epsilon breach. We've had Sony Breach One and Sony Breach Two. Today, Bloomberg News reports on a breach that may be, as one security expert in the article calls it, "the nastiest password hack in history...." LastPass is reporting that hackers may have broken into its database and stolen info on as many as 1.25 million users.
Read more
Yesterday, in a Customer Service Notification posted on its website, Sony Online Entertainment LLC (“SOE”) based in San Diego, California revealed that its systems were also the subject of a hacking attack.
Read more

Explore Other Viewpoints: