Skip to main content

Privacy & Cybersecurity

Viewpoints

Filter by:

Privacy & Thumbnail Viewpoints Thumbnail

COVID-19 Will Apparently Not Delay CCPA Enforcement

March 26, 2020 | Blog | By Natalie Prescott

While many companies around the world are coping with a global pandemic, some are facing additional challenges in light of a looming deadline triggered by the California Consumer Privacy Act (“CCPA”).  Citing #covid19 concerns, a coalition of more than 60 such companies made a plea this week to California’s Attorney General Xavier Becerra (“AG”) to delay the AG’s enforcement of the CCPA.
Read more
Privacy & Thumbnail Viewpoints Thumbnail
Although it may not seem like it, there are privacy-related issues to discuss beyond COVID-19.   Before the state of emergency, we saw the first complaint under the California Consumer Privacy Act (CCPA) filed in a California federal court.  This action, styled as Fuentes v. Sunshine Behavioral Health Group, LLC, Case No. 8:20-cv-00487 (C.D. Cal. March 10, 2020)[LINK TO PDF], arose from a data breach, which allegedly exposed highly sensitive personal and medical information of thousands of patients of Sunshine Behavioral Health Group (“Sunshine”).
Read more
Privacy & Thumbnail Viewpoints Thumbnail
With the advent of COVID-19, countries around the world are facing a novel challenge that affects them in unprecedented ways economically, socially, and otherwise.  From a public health perspective, now perhaps more than ever before, authorities are interested in understanding more about the movement patterns of those within their borders, including where certain individuals have traveled to, who they have met with, and where they are located now.  
Read more
Privacy & Thumbnail Viewpoints Thumbnail
Companies with employees in multiple European locations may well be feeling challenged both in keeping up with public health-driven guidance – and more recently, mandates – relating to the SARS-COV2 risks in the workplace.  On top of extraordinarily urgent efforts to limit the spread of the novel coronavirus while maintaining as much business continuity as possible, companies have legitimate concerns about their data protection obligations under the General Data Protection Regulation (GDPR) and national employment laws.
Read more
Privacy & Thumbnail Viewpoints Thumbnail
The Financial Industry Regulatory Authority (FINRA), the independent nongovernmental organization that writes and enforces the rules governing U.S. registered brokers and broker-dealers, has issued guidance to its member firms regarding pandemic-related planning. 
Read more
Privacy & Thumbnail Viewpoints Thumbnail
The New York Department of Financial Services (NYDFS) issued guidance to financial institutions engaged in virtual currency business activities, mandating that an emergency preparedness plan from each firm be submitted to NYDFS within 30 days from March 10, 2020.  The agency also outlined the respective responsibilities of the boards of directors, senior management, and CEOs (or their equivalents).
Read more
Privacy & Thumbnail Viewpoints Thumbnail

Coronavirus (COVID-19): Managing Cyber Security Risks of Remote Work

March 13, 2020 | Blog | By Christopher Buontempo, Cynthia Larose

With cases of the Novel Coronavirus (COVID-19) emerging in nearly every state, many businesses are taking swift action in an effort to curb its spread.  Teleworking, “remote working,” or simply “working from home,” is a centerpiece of those efforts. While remote working arrangements may be effective to slow the community spread of COVID-19 from person to person, they present cybersecurity challenges that can be different than on-premise work. 
Read more
Privacy & Thumbnail Viewpoints Thumbnail

Beware the Coronavirus Email Scams

March 6, 2020 | Blog | By Cynthia Larose

COVID-19 is not the only virus associated with the global outbreak. As predictably as night follows day, cybercriminals have been using the epidemic as a means to spread their malicious payloads. Companies should include information about cyber hygiene along with the CDC recommendations of hand washing, particularly given the potential for increased remote access to corporate IT systems.

Read more
Privacy & Thumbnail Viewpoints Thumbnail
Wrapping up our multi-part series on the recent revisions to the CCPA draft regulations issued earlier this month by the California Attorney General’s office, we look at Article 6 pertaining to non-discrimination and financial incentives.
Read more
Privacy & Thumbnail Viewpoints Thumbnail
In this post, we offer insights on the revisions recently made by the California Attorney General’s office to Article 5 of its draft regulations pertaining to special rules regarding minors. Article 5 imposes special requirements on businesses that sell the personal information of children and minors.  We previously reported on this part of the draft regulations.
Read more
Health Care Viewpoints Thumbnail

Health Care Data Breaches Are Increasing Both in Number and Cost

February 20, 2020 | Blog | By Sarah Beth Kuyers

It feels like we’ve been seeing a lot more health care breaches caused by hackers and other IT security incidents recently, and there’s a good reason why: a recent report by cloud security company Bitglass confirms that both the number of breaches and individuals affected by breaches caused by hackers and IT incidents grew significantly last year.  Bitglass analyzed data from the breach portal, affectionately known as the “Wall of Shame,” published by the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR).  Pursuant to the HITECH Act, HHS is required to post a list of all reported breaches that affect 500 or more individuals. OCR classifies the types of breaches reported on the Wall of Shame, and the "Hacking/IT Incident" category includes a variety of breaches, including malicious intrusion, malware, ransomware, phishing, and general IT security failures.
Read more
Privacy & Thumbnail Viewpoints Thumbnail

Analysis of Modified Attorney General Regulations to CCPA—Part 3: Verification of Requests

February 19, 2020 | Blog | By Natalie Prescott, Cynthia Larose

In this post, we offer insights on the revisions recently made by the California Attorney General’s office to Article 4 of its draft regulations pertaining to verification requirements.  Article 4 specifies how businesses should verify consumers’ identities when they receive consumers’ data requests.  We previously reported on this part of the draft regulations.
Read more
Privacy & Thumbnail Viewpoints Thumbnail

UPDATE: WPA Passes Washington State Senate

February 19, 2020 | Blog | By Cynthia Larose, Christopher Buontempo

The Washington Privacy Act has overwhelmingly passed the Washington state senate by a vote of 46-1.   Similar legislation passed the state senate last year and failed in the Washington house of representatives.  We will track the bill in the Washington house and update on its status. 
Read more
Privacy & Thumbnail Viewpoints Thumbnail
We previously provided insights into this important portion of the regulations here.  In this installment we address important revisions provided by the AG’s office to Article 3 of these regulations, several of which will have far reaching implications. 
Read more
Privacy & Thumbnail Viewpoints Thumbnail
Back in October, we provided a summary of Article 2 of the California Attorney General’s Initial Proposed CCPA draft regulations, which specify certain notices that must be given to consumers at the time of collection of their personal information, including consumers’ rights to opt-out of the sale of their personal information, and notices of financial incentives a business may offer in exchange for consumers’ personal information.
Read more
Privacy & Thumbnail Viewpoints Thumbnail

Updated Attorney General Regulations to the CCPA – A Series

February 12, 2020 | Blog | By Cynthia Larose

The revised draft regulations to the California Consumer Privacy Act were issued by the California Attorney General’s office on February 7, and then modified on February 10.   These amendments are open for public comment under Tuesday, February 25, 2020 at 5 pm PST. Starting tomorrow, we will update our October 2019 series of analyses of the various provisions of the draft regulations and operational impacts.
Read more
Health Care Viewpoints Thumbnail
As the coronavirus remains to be an active outbreak with cases increasing within the United States, this is a good time to review how HIPAA applies in a public health emergency, including its restrictions and flexibility in these types of situations. Accordingly, last week, the Office for Civil Rights (OCR) released a helpful bulletin on how the HIPAA Privacy Rule comes into play with the coronavirus outbreak and other public health emergencies.
Read more
Privacy & Thumbnail Viewpoints Thumbnail

California AG Issues Revised Draft CCPA Regulations

February 10, 2020 | Blog | By Cynthia Larose

Late in the afternoon on Friday, the California Attorney General dropped the long-awaited revised draft regulations implementing the California Consumer Privacy Act of 2018 (CCPA).  The AG’s office provided a redline to the initial draft regulations, which we have previously discussed.
Read more
Privacy & Thumbnail Viewpoints Thumbnail

The View from DC: Expansion of COPPA?

February 7, 2020 | Blog | By Christian Tamotsu Fjeld, Christopher Harvie, Cynthia Larose

Representative Kathy Castor (D-FL) has introduced the Protecting the Information of Our Vulnerable Children and Youth Act (PRIVCY ACT), which is a significant rewrite of the Children’s Online Privacy Protection Act (COPPA). In so doing, the bill expands the scope of COPPA’s protections and creates new enforcement mechanisms. The children advocacy groups, Common Sense Media and the Campaign for a Commercial-Free Childhood, have come out in public support of the bill, as has the privacy advocacy group, the Center for Digital Democracy.
Read more
Privacy & Thumbnail Viewpoints Thumbnail
The companies Salesforce.com, Inc. and Hanna Andersson, LLC are on the receiving end of a novel lawsuit, which appears to be the very first data breach class action ever filed with alleged violations of the California Consumer Privacy Act (“CCPA”).  The case is styled as Barnes v. Hanna Andersson, LLC , N.D. Cal., Case No. 20-cv-00812.
Read more
Sign up to receive email updates from Mintz.
Subscribe Now

Explore Other Viewpoints: