Data Privacy & Cybersecurity PracticeMuch scrutiny has been given to the treatment for COVID-19 and the use of funds in fighting it. In time, the local, state, and federal governments will be investigating or prosecuting organizations accepting COVID-19 funds or treating those with the coronavirus. Covered entities, such as healthcare providers and health plans, might be served with subpoenas and discovery requests. It is important to know how to manage the release or disclosure of patient information subject to these requests.
Read more »Tag: personal data
-
Healthcare Providers Beware: HIPAA Applies When Complying With Subpoenas Posted on: August 18, 2020 In: Data Privacy & Cybersecurity
-
ECJ Invalidates the EU-US Privacy Shield as Adequate Transfer Mechanism Posted on: July 16, 2020 In: Data Privacy & CybersecurityIn a ruling issued on July 16, 2020, the European Court of Justice (ECJ) invalidated the EU-U.S. Privacy Shield – a primary mechanism available to companies exporting personal data from the European Economic Area (EEA) to the United States.
Read more »
-
Accounting Firms: Confirming Security of Client Information After Reports of Tax Fraud Posted on: July 14, 2020 In: Data Privacy & CybersecurityThe July 15, 2020 extended tax-filing deadline is upon us. Accounting and tax preparation firms are squarely in the crosshairs of opportunistic cyber criminals looking to obtain and exploit sensitive information for the purposes of committing tax fraud. Unfortunately, thousands of Americans will see fraudulent tax returns filed in their names this year, and the accounting firm that files the client’s taxes is often the most obvious target for blame, but the source of the tax exploit may not be as obvious.
Read more »
-
California AG Submits CCPA Regulations for Final Approval, Paving the Way Toward Enforcement Posted on: June 03, 2020 In: Data Privacy & CybersecurityOn Monday, June 1, 2020, the California Attorney General’s Office announced that it had submitted the final version of its proposed regulations under the California Consumer Privacy Act (CCPA) to the California Office of Administrative Law (OAL) for review and approval.
Read more »
-
Legislative Alert: Vermont Expands Definition of Personal Information and Enacts Protections for Student Privacy and Automatic Subscription Renewals Posted on: March 19, 2020 In: Data Privacy & CybersecurityOn March 5, 2020, Vermont Governor Phil Scott signed into law Senate Bill 110, which amends sections of Chapter 62 of the Vermont Statutes Annotated - “Protection of Personal Information” - including Sections 2430, 2435, and 2454. The bill also adds Section 2443 to the chapter, which governs the privacy of student information belonging to preschool, kindergarten, elementary, and secondary school students.
Read more »
-
Washington State Data Breach Notification Statute Updates Go Into Effect, Imposing New Requirements on Businesses Posted on: March 17, 2020 In: Data Privacy & CybersecurityEffective March 1, 2020, amendments to the Washington State data breach notification statute made the law significantly more onerous for companies dealing with data security incidents. The amendments, which we first covered in May 2019, expanded the definition of personal information, shortened the deadlines for notification, and imposed additional requirements for notice contents.
Read more »
-
Ransomware and the Paramount Importance of Evidence Preservation for Healthcare Entities Posted on: March 10, 2020 In: Data Privacy & CybersecurityOrganizations regulated by the Healthcare Information Privacy and Accountability Act (HIPAA) must take special care to preserve valuable forensic artifacts at the outset of a ransomware or other cybersecurity event. The HIPAA Breach Notification Rule presumes a cybersecurity incident has resulted in unauthorized access to unsecured protected health information and the burden shifts to the organization to show a low probability of the compromise of the health information it maintains.
Read more »
-
Legislative Alert: California Expands Definition of Personal Information Posted on: November 01, 2019 In: Data Privacy & CybersecurityOn October 11, 2019, California Governor Gavin Newsom signed into law Assembly Bill 1130, which amends The Information Practices Act of 1977, as well as California Civil Code §§ 1798.29, 1798.81.5 and 1798.82. The bill expands the definition of “personal information” under the California data breach notification statutes applicable to businesses and to government agencies.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 3 of 3: Trends and Planning – What it All Means Posted on: June 07, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. The final installment of this three-part series will cover trends and planning.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 2 of 3: General Observations on Pending Amendments to the CCPA Posted on: June 05, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Privacy Act (“CCPA”) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. Part 2 of this three-part series will look at pending amendments to the CCPA.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 1 of 3: Where Does the Law Stand Now? Posted on: June 03, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Privacy Act (CCPA) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. Part 1 of this three-part series will examine the current state of the law.
Read more »
-
HIPAA Breach Reporting: Focus on Remediation in Responding to an HHS/OCR Investigation Posted on: February 25, 2019 In: Data Privacy & CybersecurityLast year was another banner year for HIPAA data breaches reported to the Department of Human Services Office of Civil Rights (HHS/OCR), and the reporting period hasn’t yet closed, as organizations experiencing breaches affecting fewer than 500 individuals have until 60 days after the end of the calendar year in which the breach occurred to make the report.
Read more »
Blog Search
Featured Posts
- September 24, 2020 Legislative Alert: California Passes Genetic Information Privacy Act
- July 15, 2020 A Time for Reflection: Advisen’s 2020 Cyber Law Firm of the Year Award
- July 14, 2020 Accounting Firms: Confirming Security of Client Information After Reports of Tax Fraud
- July 09, 2020 U.S. Supreme Court Gives Grace to Religious Employers
- June 18, 2020 Business Email Compromise Attacks on the Rise in 2020
- June 15, 2020 U.S. Supreme Court Outlaws Discrimination Against LGBTQ+ Employees
- June 03, 2020 California AG Submits CCPA Regulations for Final Approval, Paving the Way Toward Enforcement
- May 29, 2020 Seventh Circuit Court of Appeals Recent Decision in Molson-Coors v. Anheuser-Busch Affirms Lesson: Choose Words Wisely
Blog Tags
alabama
anti-money laundering
arkansas
audit
audit logging
biometric data
bitcoin
blockchain
breach notification
california
ccpa
chip
client notification
colorado
commission
congress
consumer notification
coronavirus
covid-19
credit reporting
cryptocurrency
cybersecurity
cyber threat
data breach
data map
data privacy
data privacy officer
data security
department of health and human services
department of transportation
district of columbia
email
employment
equifax
eu
eu-u.s. privacy shield
european union
fbi
fcc
fcra
federal communication
federal trade commission
financial fraud kill chain
financial services
fraud
gdpr
hacking
healthcare
hhsocr
hipaa
holiday season
human resources
identity theft
illinois
information security
insider attacks
irs
legislative alert
malware
managed service providers
maritime cybersecurity
maryland
microsoft office 365
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist security controls
patient information
personal data
personal information
phishing
pre-breach services
privacy notification
privacy settings
protected health information
ransomware
regulations
scams
school
security vulnerabilities
social engineering
social media
social security
soppa
ssn
statute
supreme court
tax returns
third party
utah
video-teleconferencing
virginia
virus
w2
washington
websites
workplace policy
zoom