As we have referenced in previous posts, the Federal Trade Commission (FTC) has launched an aggressive push against data brokers and credit reporting agencies in its enforcement of the rules under the Fair Credit Reporting Act (FCRA). That push continues today with the U.S. Department of Justice’s announcement of the prosecution of a
Data Security
Connecticut AG Makes Email Address Available to Companies to Report Data Breaches
Connecticut AG prepares for amendments to Connecticut’s data breach law going into effect on Oct. 1, 2012.
Continue Reading Connecticut AG Makes Email Address Available to Companies to Report Data Breaches
Massachusetts Health Care Provider, MEEI, Settles HIPAA Charges Following Stolen Electronic Storage Device
Another reported HIPAA breach results in $1.5 million dollar settlement between HIPAA covered entity and HHS’ Office of Civil Rights…
Continue Reading Massachusetts Health Care Provider, MEEI, Settles HIPAA Charges Following Stolen Electronic Storage Device
DOD, GSA, and NASA Propose New Rule Affecting Federal Contractor Requirements to Safeguard Government Information
Attention federal contractors – DOD, GSA and NASA propose adding a required contract clause for federal contractors to address data security.
Continue Reading DOD, GSA, and NASA Propose New Rule Affecting Federal Contractor Requirements to Safeguard Government Information
New York Tightens Protections on Social Security Numbers
A New York law, effective December 12, 2012, prohibits businesses and other entities from requiring individuals to disclose or furnish their Social Security Numbers for any purpose, subject to certain exceptions.
Continue Reading New York Tightens Protections on Social Security Numbers
Stolen Flash Drive Leads to Another HIPAA Data Breach
Burglary at hospital employee’s home results in stolen flash drive and HIPAA data breach…
Continue Reading Stolen Flash Drive Leads to Another HIPAA Data Breach
Connecticut Amends Data Breach Notification Statute; Notice to Attorney General Now Required
By Joseph J. Lazzarotti on
Notice to Connecticut Attorney General now required following data breaches affecting state residents.
Continue Reading Connecticut Amends Data Breach Notification Statute; Notice to Attorney General Now Required
Vermont Strengthens Data Breach Notification Requirements
By Joseph J. Lazzarotti on
14-day Attorney General notice and other amendments to Vermont’s Security Breach Notice Act further complicate data breach response.
Continue Reading Vermont Strengthens Data Breach Notification Requirements
Massachusetts Company Fined $15,000 Under State’s Data Security Law
The Massachusetts AG’s enforcement of its data security law demonstrates that it does not take lightly the loss of Massachusetts residents’ personal information, even if that loss has not caused any known harm to the affected residents, and that it may remain watchful over the subject of an investigation for years to come.
Continue Reading Massachusetts Company Fined $15,000 Under State’s Data Security Law
Debt Collection Agency Sued by Minnesota Attorney General Over Privacy Breach and Other Concerns
Like any business that handles personal information, debt collection agencies have obligations to maintain reasonable safeguards to protect that information. Recent enforcement activity by the Minnesota Attorney General’s office makes this clear. The banks, health care providers and other businesses that utilize collection services are also driving compliance as they demand these companies have…