Privacy & Cybersecurity

Viewpoints

Filter by:

Get Ready for those HIPAA Audits - New Audit Protocol (and a Mintz Tool!)

April 20, 2016 | Blog | By Dianne Bourque, Cynthia Larose

At long last, the Department of Health and Human Services Office for Civil Rights (OCR) has released a revamped audit protocol that now addresses the requirements of the 2013 Omnibus Final Rule. OCR will be using the audit protocol for its impending Phase 2 audits of covered entities and business associates, which are set to begin next month.
Read more

Article 29 Working Party Opinions on Privacy Shield and Surveillance

April 14, 2016 | Blog

The Article 29 Working Party has released opinions on Privacy Shield and "essential guarantees" under EU law relating to surveillance.
Read more

Key EU Advisory Body Declines to Support Privacy Shield (Update)

April 13, 2016 | Blog

Earlier today, the Article 29 Working Party (“WP29”) held a press conference to give a preview of its assessment of the proposed EU-US Privacy Shield arrangements that were slated to replace the struck-down Safe Harbor program and bring much-needed certainty to companies that transfer personal data from the EU to the US.
Read more

FCC Broadband Privacy and Security Proposed Rulemaking Underway

April 13, 2016 | Blog | By Cynthia Larose, Ari Moskowitz

As we reported last month, the FCC was preparing a proposed rulemaking (NPRM) to establish privacy and data security requirements for broadband internet access service (BIAS) providers. The FCC has now released that proposal with comments and reply comments due May 27th and June 27th respectively.
Read more

It’s A Wrap! Sony Pictures Data Breach Case Settles Without A Hollywood Ending For The Plaintiff Class

April 8, 2016 | Blog | By Cynthia Larose, Kevin McGinty

Everyone loves a good courtroom drama. So just imagine this pitch: henchmen of an evil dictator hack their way into a movie studio computer system. Once inside, they steal the most sensitive personal information of the studio’s stars, executives and employees.
Read more

The April 2016 Update -- The Mintz Matrix

April 4, 2016 | Blog | By Cynthia Larose

In 2004, Mintz Levin created a compendium of state data breach notification laws and has been updating it on a regular basis ever since.
Read more

Phase 2 HIPAA Audits Coming to You: Check Your Spam Filter!

March 23, 2016 | Blog | By Dianne Bourque, Cynthia Larose

The HHS Office for Civil Rights (“OCR”) officially launched  the long-awaited (and dreaded) Phase 2 of the HIPAA Audits Program on March 21st. Covered Entities and Business Associates need to be prepared for these audits and be on the lookout for emails (check your spam filter!) from OCR that will begin the audit process.
Read more

Pay Attention to Business Associate Agreements!

March 22, 2016 | Blog | By Cynthia Larose

For our HIPAA-covered entity readers, we have asked these questions before: Have you taken a business associate inventory? Have you undertaken a comprehensive risk assessment as required by HIPAA?
Read more

CISA Guidelines (Part 3): Guidance to Assist Non-Federal Entities

March 18, 2016 | Blog | By Christopher Harvie, Ari Moskowitz

As we wrote previously, the federal government released several guidance documents last month implementing The Cybersecurity Information Sharing Act (CISA). Among these was the Guidance to Assist Non-Federal Entities to Share Cyber Threat Indicators and Defensive Measures with Federal Entities under CISA published by the Department of Homeland Security and Department of Justice. 
Read more

Not again .... yet another health care data breach

March 17, 2016 | Blog | By Cynthia Larose, Ryan Cuthbertson

21st Century Oncology Holdings, a company that operates a chain of 181 cancer treatment centers in the US and Latin America, announced on Friday March 4 that it was latest victim of a cyber-attack affecting 2.2 million individuals.
Read more

Early Settlement of the Home Depot Consumer Data Breach Claims – The Start of a Trend?

March 16, 2016 | Blog | By Kevin McGinty

Last week, a federal court in Atlanta issued an order preliminarily approving a proposed settlement – valued up to $19.5 million – of the consumer claims arising from the 2014 theft of payment card data from Home Depot. The cash and noncash terms of the proposed settlement are unexceptional.
Read more

FCC Announces Broadband Privacy Proposal

March 15, 2016 | Blog | By Christopher Harvie, Ari Moskowitz

FCC Chairman Tom Wheeler has announced that a proposed rulemaking is being circulated among the Commissioners that would establish privacy and data security requirements applicable to providers of broadband Internet access service (BIAS). 
Read more

Verizon Settles Supercookie Probe with FCC

March 10, 2016 | Blog | By Christopher Harvie, Ari Moskowitz

Verizon Wireless has reached a settlement with the Federal Communications Commission over Verizon’s insertion of unique identifier headers (“UIDH”), also known as “supercookies,” to track customers’ mobile Internet traffic without their knowledge or consent. 
Read more

Apple vs. FBI: The House Judiciary Committee Hearing and Takeaways

March 3, 2016 | Blog | By Cynthia Larose

Among the major headlines dominating not only the recent news cycle, but also this week's RSA Conference in San Francisco, has been Apple’s challenge to the federal government’s request that Apple assist in unlocking the iPhone recovered from the perpetrators of the shootings in San Bernardino. 
Read more

CISA Guidelines: Privacy and Civil Liberties Interim Guidelines for Federal Agencies

March 2, 2016 | Blog | By Cynthia Larose, Christopher Harvie, Ari Moskowitz

Last week, we discussed the Federal government’s first steps toward implementing the Cybersecurity Information Sharing Act (CISA). Among the guidance documents released by the Department of Homeland Security and the Department of Justice were the Privacy and Civil Liberties Interim Guidelines.
Read more

Key Review of Privacy Shield Coming in Six Weeks

March 1, 2016 | Blog

Now that the EU Commission has published the complete version of its draft decision adopting the EU-US Privacy Shield program, it's time for the key reviewers to dig in. I don't mean the lawyers, or EU privacy advocates, or US businesses, although their views will no doubt be wide-ranging and illuminating.
Read more

EU-US Privacy Shield Agreement Published

February 29, 2016 | Blog

The European Commission has finally made the draft text of the EU-US Privacy Shield program available. The Privacy Shield program, which was agreed to in principle by US and EU negotiators nearly four weeks ago, will replace the Safe Harbor program that was struck down last autumn by the Court of Justice of the EU.
Read more

California by the Numbers (Part 2): How to Stay out of the 2017 Report

February 26, 2016 | Blog | By Cynthia Larose, Julia Siripurapu

Yesterday, we reviewed the staggering numbers in California Attorney General Kamala Harris' 2016 Data Breach Report.
Read more

California by the Numbers (Part 1): 24 Million Compromised in 2015

February 25, 2016 | Blog | By Cynthia Larose, Julia Siripurapu

California Attorney General Kamala Harris has released a report of the data breaches that have been reported to her office from 2012 until 2015.
Read more

Ransomware Strikes California Hospital - Could You Be Next?

February 23, 2016 | Blog | By Cynthia Larose

In a chain of events that should be a wake-up call to any entity using and storing critical health information (and indeed, ANY kind of critical information), Hollywood Presbyterian Medical Center (“HPMC”) has announced that it paid hackers $17,000 to end a ransomware attack on the hospital’s computer systems.
Read more

Subscribe

Sign up to receive email updates from Mintz.
Subscribe Now
what-were-reading

What We're Reading

ccpa-toolkit

California Consumer Privacy Act (CCPA) – Toolkit

Mintz Matrix

The Mintz Matrix

Find data breach notification laws by state

Viewpoint Editors

Explore Other Viewpoints:

I'm Looking For...