Earlier today, the European Commission (the Commission) issued a draft “adequacy decision” as well as the texts that will constitute the EU-U.S. Privacy Shield (the Privacy Shield). This includes the Privacy Shield Principles companies have to abide by, as well as written commitments by the U.S. Government on the enforcement of the arrangement,
HIPAA Covered Entities Not Responsible For Intercepted Transmission of PHI When Individual Requested Unsecured Transmission, Office for Civil Rights Concludes
Earlier this month, the Office for Civil Rights (OCR) issued guidance on an individual’s right to access the individual’s health information. That an individual has a broad right to access has been recognized in the HIPAA privacy regulations since they became effective in 2003. OCR has found, however, that individuals are facing obstacles to accessing
Motion to Deny Class Certification Under TCPA Granted
The U.S. District Court for the Southern District of California recently granted Wilshire Consumer Capital’s (WCC) motion to deny class certification in a putative class action filed under the Telephone Consumer Protection Act (TCPA).
The named plaintiff, Alu Banarji, filed suit after receiving numerous telephone calls on her cell phone. According to the Court,
Employers Have An Obligation To Provide Meaningful Direction To Employees In Email Searches, But Employers Can’t Be Compelled To Recover Company Emails Stored On Personal Accounts Of Employees
A recent case from the Northern District of California raises the importance of actively engaging with employees to coordinate the search for documents and electronically-stored information to comply with the employer’s discovery obligations. At the same time, the Court ruled that an employer cannot be compelled to produce business-related emails from the personal email accounts
Reasonable Data Security Defined by California AG
Last week, California Attorney General, Kamala D. Harris – who has been mentioned as a potential nominee to fill Justice Antonin Scalia’s recently vacated seat on the U.S. Supreme Court – issued the California Data Breach Report (Report). The Report provides an analysis of the data breaches reported to the California AG from 2012-2015.
March Monitoring Madness and Monitoring Methods
As NCAA basketball tournament season approaches, employers may be wondering if they can monitor employees at work to see how much time they are spending checking their brackets, or for other purposes. There are many reasons companies monitor employees, including boosting productivity, dissuading cyber-slacking or social “not-working,” protecting trade secrets and confidential business information, preventing
Federal Agencies Offer Guidance on Sharing Information About Cyber Threats
The federal Departments of Homeland Security, Defense and Justice and The Office of the Director of National Intelligence issued guidance on the implementation of the Cybersecurity Information Sharing Act of 2015 (CISA). Among the four guidance documents issued by these agencies is one outlining the ways non-federal entities (which would include private employers) can
No Statutory Damages Under SCA Without Actual Damages
The U.S. Court Appeals for the Eleventh Circuit has ruled that statutory damages under the Stored Communications Act (SCA) are not available in a case where the plaintiff did not incur any actual damages.
The case, Vista Marketing LLC v. Burkett, originated from an extremely contentious divorce proceeding. While the majority of the allegations
Identity Theft is the First of the IRS’ “Dirty Dozen” Tax Scams of 2016
Each year at the beginning of tax season, the IRS releases the “Dirty Dozen,” a list of twelve tax scams to be mindful of when individuals are filing their taxes. This list is something to consider sharing with colleagues or friends within your organization.
The first member of the 2016 Dirty Dozen is
FDA Issues Draft Guidance for Connected Medical Devices
Demonstrating a continued focus on information security, the Food and Drug Administration (FDA) published draft guidance on Design Considerations and Pre-market Submission Recommendations for Interoperable Medical Devices. As the title indicates, the draft guidance focuses on issues manufacturers should address in the development and design of medical devices prior to sale to consumers. This