Response to Yelp Review Costs Small Dental Practice $10,000 and Two Years of Monitoring to Settle HIPAA Complaint

No business likes to receive bad reviews on Yelp® or anywhere else in social media. When they do, some feel the need to respond to clarify or rebut the reviews, but they must do so carefully. This is particularly true for HIPAA covered entities, as their responses could include protected health information (PHI). A recent … Continue Reading

Licensed by Your State’s Insurance Commissioner? Comprehensive Data Security Requirements Are Headed Your Way

By Joseph J. Lazzarotti on August 9, 2019 Posted in: Consumer Privacy, Data Breach Notification, Data Security, Financial Services, Information Risk, Written Information Security Program

Most businesses in the insurance industry have one thing in common – they collect and maintain significant amounts of sensitive, nonpublic information including personal information. Not surprisingly, insurance-related businesses are a target of cyberattacks and a few have faced some of the largest data breaches reported to date. Beyond the headlines, however, small and mid-sized … Continue Reading

SEC Issues Privacy and Data Security Risk Alert

By Joseph J. Lazzarotti on April 18, 2019 Posted in: Consumer Privacy, Data Security, Financial Services, Information Management, Information Risk, Third Party Service Providers, Uncategorized, Written Information Security Program

Following recent examinations of SEC-registered investment advisers and broker-dealers, the Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) published a privacy risk alert on April 16, 2019. OCIE is hoping to remind advisers and broker-dealers about providing compliant privacy and opt-out notices, and adopting and implementing effective policies and procedures for safeguarding … Continue Reading