As we reported, there are a number of signs pointing to a significant tightening of regulation and increased enforcement of data security mandates. Following efforts in New Jersey, New York and Oregon, Indiana Attorney General Greg Zoeller announced his office is seeking legislation that would better protect the online personal and financial information
NJ & NY Propose Amendments To Data Breach Laws
The New Jersey Assembly on December 15 unanimously approved, by a vote of 75-0, a bill designed to better protect consumers from identify theft. Bill A3146, if approved by the Senate, would expand the state’s law to include disclosure of a breach of security of online accounts.
Per the Identity Theft Resource Center, between
New Data Protection Powers Requested in Oregon
On December 9, Oregon’s Attorney General, Ellen Rosenblum, announced to the Oregon House and Senate Judiciary Committee that she would be introducing legislation to expand existing personal data protections for Oregon consumers while implementing additional enforcement measures to combat non-compliance.
According to Ms. Rosenblum, Oregon’s laws have not kept up with the rapid increase in
Data Security in 2015 for Banks, HIPAA Covered Entities, and Small Businesses Too
Some have called 2014 the “Year of the Data Breach.” That may be true given the steady stream of large-scale data breaches affecting tens of millions of individuals. We do not know if this time next year commentators will be saying the same thing about 2015, but there are signs pointing to a
EMPLOYERS BEWARE: MEDICAL IDENTITY THEFT ON THE RISE AND IS THE GOLDEN TARGET FOR HACKERS
As we’ve discussed previously, medical identity information is worth more than ten (10) times that of financial information on the black market. This gives hackers a financial incentive to obtain such information that is maintained not only by medical providers and pharmacies but also by employers who provide medical insurance coverage to their employees. Employers
Postal Workers Union Complains to NLRB About Post Office Data Breach
After being hit with a data breach, the last thing a company might want is the scrutiny of the union representing its employees affected by the incident. When the data breach potentially affecting hundreds of thousands of United States Postal Service employees was reported, it was not long after that the American Postal Workers
Negligence Claims for Breach of Patient Privacy Not Preempted by HIPAA, Connecticut Supreme Court Holds
Healthcare providers continue to have challenges with responding to attorney requests for information and subpoenas. We highlighted some of these last year, along with some issues providers should be considering to help meet those challenges. In this case, after the patient advised the provider not to disclose her PHI to her significant other, the
California Minors Gain Privacy Rights in the Online World
Thanks to a new state law enacted to protect minors from the modern follies of youth, minors in California can ring in the New Year by permanently deleting their regrettable online posts. This so-called “Online Eraser Law” – signed by Governor Jerry Brown on September 23, 2013 – will take effect on January
Video Interview: Discussing the FCC’s Recent Data Security Action with LXBN TV
Following up on our recent post on the subject, I had the opportunity to speak with Colin O’Keefe, Editorial Manager-LexBlog, on the FCC’s first foray into policing a cybersecurity incident. In the brief video interview, I explain what happened and what it could mean going forward. Special thanks to Colin, and LXBN TV, for
On the Heels of FTC, FCC Joins GPEN to Better Watch Data Abroad
Data is rarely still. It is captured, processed and moved around the world at speeds we wouldn’t have dreamed possible 20 years ago. Data often disrespects borders. By way of example, companies often mistakenly store personal data in the cloud to be accessed by multiple international locations, without considering the legal rights of the data