Skip to main content

Privacy & Cybersecurity

Viewpoints

Filter by:

As we blogged here last week, we were going to post our Client Alert with further details about the settlement and consent order reached by the restaurant chain Dave & Buster's and the Federal Trade Commission relating to the breach suffered by the chain.
Read more
We will post a link to the amended legislation as soon as it is released by the Committee.
Read more
In case your data security compliance plan is stuck in neutral, you have questions, or you haven't started yet...there will be a free (!) breakfast hands-on workshop on Thursday in Tewksbury, MA.
Read more
Our Friday afternoon feature is back (albeit on Thursday due to schedule tomorrow) – a quick round-up of bits and bytes related to data privacy and security.
Read more
That’s how Federal Trade Commission Chairman Jon Leibowitz described the identity theft protection offered to consumers by the widely-advertised LifeLock product and the claims made by the company that its service provided comprehensive identity theft protection.
Read more

Major "goof" at Citibank

March 4, 2010 | Blog | By Cynthia Larose

For all of you who have been struggling with data security compliance obligations from various fronts, and trying to handle complex technical issues such as encryption of portable devices and data "at rest" and "in transit" --- here is a very big story regarding plain old everyday mail.
Read more
At the beginning of the "countdown" to the March 1st effective date of 201 CMR 17.00, we offered some posts with "misapprehensions" and compliance suggestions.
Read more
February and March are just full of significant deadlines for privacy/security reporting and compliance.
Read more
We have been so focused on the upcoming Massachusetts data security deadline, that we let one last week go without fanfare. As we have gently reminded you on several occasions, the new HIPAA privacy and security rules contained in the Health Information Technology for Clinical and Economic Health Act (HITECH) became effective on February 17th.
Read more
As we approach the 10 day mark to the March 1 effective date of the Massachusetts data security regulations, 201 CMR 17.00, we thought that we would share another misapprehension in the ever-growing list.
Read more

Tracking the cookie crumbs

February 1, 2010 | Blog | By Cynthia Larose

Disabling cookies may not be the answer to controlling your online identity. Regardless of whether you have cookies enabled or not, Web sites collect certain amounts of operational information about your browser.
Read more
Effective February 17, 2010, significant new compliance obligations will be imposed on business associates through the HITECH provisions of the American Recovery and Reinvestment Act of 2009 ("ARRA").
Read more

Security Bits and Bytes

January 8, 2010 | Blog | By Cynthia Larose

A few items to wrap up/review privacy and security issues in 2009 and open up 2010:
Read more
On December 30, 2009, the Centers for Medicare & Medicare Services (CMS) and the Office of the National Coordinator for Health Information Technology (ONC) issued interim final rules necessary to implement electronic health record (EHR) incentive programs enacted under the American Recovery and Reinvestment Act of 2009.
Read more
According to its 8-K filing with the Securities and Exchange Commission (SEC), Heartland Payment Systems Inc. has agreed to pay American Express Travel Related Services Co. Inc. just over $3.5 million to settle any claims arising out of a massive payment card data breach.
Read more

More Detail on Quan Case

December 16, 2009 | Blog | By Cynthia Larose

My colleague, Martha Zackin, has published a more extensive discussion of the issues before the U.S. Supreme Court in the Quan case --
Read more
During the holiday season, many organizations are soliciting donations of old cell phones to be repurposed. This is an excellent way to "reuse, reduce, and recycle" and puts those useless (to you) items to use in a positive way, but please remember -- important and private data reside in your cell phone's internal memory, even if your phone has a removable SIM card.
Read more
As we first blogged here, hours before the last Red Flags enforcement deadline, a federal court judge in the D.C. Circuit ruled from the bench that attorneys would not be subject to the Red Flags Rule. The court released Judge Walton's written opinion was released on December 1, 2009, which provides clarification of his comments from the bench.
Read more
A Cook County, Illinois jury recently awarded $1.8 million dollars to Kathy Lawlor, who claimed that her former employer, North American Corp. of Illinois, violated her privacy rights by hiring a private investigator who fraudulently obtained her telephone records through the use of “pretexting” – or by pretending to be Lawlor herself.
Read more
Nearly 10 months after disclosing a months-long data breach that affected millions of consumers, the financial impact of the Heartland data breach continues to unfold.
Read more

Explore Other Viewpoints: