Skip to main content

Privacy & Cybersecurity

Viewpoints

Filter by:

Monthly TCPA Digest

December 20, 2017 | Blog | By Cynthia Larose

This month’s issue examines four recent rulings from Seventh Circuit trial courts regarding an FCC rule under the TCPA that mandates opt-out language on solicited faxes, or those sent with the recipient’s consent.

Consent under the GDPR: Official Guidance Now Available

December 19, 2017 | Blog | By Susan Foster

One of the most striking changes to EU privacy law under the EU’s General Data Protection Regulation (which goes into effect May 25, 2018) is the very strict approach to user consent.
Biometric data is a hotbed of activity these days. We've discussed the frenetic pace at which class actions are being filed in Illinois under the Biometric Information Privacy Act. 
The National Association of Insurance Commissioners (NAIC) has approved its draft of the Insurance Data Security Model Law (Model Law) via a meeting of its Executive and Plenary Committees. 

Two Data Breach Bills Introduced in US Senate

December 11, 2017 | Blog | By Joanne Dynak, Cynthia Larose

As we near the end of a year that has seen more than its share of massive data breaches, two bills have been introduced (one re-introduced) in the U.S. Senate. 

EU General Data Protection Regulation Webinar Series – Recordings

December 4, 2017 | Blog | By Cynthia Larose, Susan Foster

Since last September, the Mintz Levin Privacy Webinar Series has focused on the upcoming EU General Data Protection Regulation (GDPR) to help businesses understand the reach and scope of the GDPR and prepare for the potentially game-changing privacy regulation.
Recently proposed legislation in Ohio could provide businesses with special protection from lawsuits in the event of a hack under certain circumstances. Senate Bill 220 would shelter businesses that have been proactive in instituting defenses to guard against data breaches.

HIPAA and Other Privacy Considerations at Play when Building a Health App

November 8, 2017 | Blog | By Dianne Bourque, Cynthia Larose

Consumers are increasingly turning to health apps for a variety of medical and wellness-related purposes. This has in turn caused greater amounts of data—including highly sensitive information—to flow through these apps.

The GDPR Roadshow - Coming Soon!

November 7, 2017 | Blog | By Cynthia Larose

The clock is ticking down to May 25, 2018 , the date that the European Union's General Data Protection Regulation (GDPR) goes into effect. The GDPR is likely to be a game-changer for US companies doing business with the European Union, and many are racing against the clock to figure out exactly what their compliance obligations are.
Has your company recently beefed up its employee identification and access security and added biometric identifiers, such as fingerprints, facial recognition, or retina scans? Have you implemented new timekeeping technology utilizing biometric identifiers like fingerprints or palm prints in lieu of punch clocks?
The Federal Trade Commission (FTC) clarified in recent guidance how the Children’s Online Privacy Protection Act (COPPA) applies to internet-connected device companies and other businesses that collect and use children’s voice recordings.
The Article 29 Working Party (WP29) advisory group, which will soon become the more transparently-named (and very powerful) European Data Protection Board, is busy drafting and issuing guidance documents to help organizations understand how European data protection authorities will interpret various requirements of the General Data Protection Regulation (GDPR). 
As was generally expected from informal comments by EU representatives, Privacy Shield has survived its first annual review. Commissioner Jourova stated: "Our first review shows that the Privacy Shield works well, but there is some room for improving its implementation."
This week’s disclosure that a 2013 data breach may have affected all 3 billion Yahoo accounts then in existence could alter the scope of the consolidated data breach cases currently pending against Yahoo in the federal court in San Francisco.
Many companies around the world rely on the EU’s standard contractual clauses (also known as the model clauses, and referred to in this article as the “SCCs”) as the legal basis for transferring personal data from the European Economic Area (EEA) to countries whose privacy laws have not been found adequate by the EU Commission.

WEBINAR: Privacy Shield & the GDPR - Handling HR Data

October 3, 2017 | Blog | By Cynthia Larose

EU laws concerning the transfer of employee personal data to the US are complex, and penalties for getting it wrong are set to increase dramatically when the General Data Protection Regulation (GDPR) goes into effect in May 2018.
As Texas, Florida, and the Caribbean rebuild after the latest string of deadly hurricanes and prepare for the possibility of future storms, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) reminded health care providers of the importance of ensuring the availability and security of health information during and after natural disasters.
Many companies have started the potentially lengthy process of auditing their service provider contracts to make sure that they comply with the requirements of the General Data Protection Regulation, which comes into force on May 25, 2018.

The Mintz Matrix - September 2017

September 14, 2017 | Blog | By Cynthia Larose, Michael Katz

As data breaches dominate national headlines it remains important as ever for businesses to invest in security and to be ready to respond if a breach occurs. 

Equifax Breach: Three Takeaways in First Four Days

September 13, 2017 | Blog | By Cynthia Larose

The Equifax breach continues to evolve. 
Sign up to receive email updates from Mintz.
Subscribe Now

Days Left Until CCPA

Explore Other Viewpoints: