Burglary at hospital employee’s home results in stolen flash drive and HIPAA data breach
Continue Reading Stolen Flash Drive Leads to Another HIPAA Data Breach
Information Risk
Illinois Becomes Second State to Prohibit Employers from Demanding Social Media Passwords
By Joseph J. Lazzarotti on
Illinois becomes second state to prohibit employers from demanding social media passwords from employees and applicants…
Continue Reading Illinois Becomes Second State to Prohibit Employers from Demanding Social Media Passwords
Alaska DHSS HIPAA Breach Affects 501 Individuals, But Results in $1.7 Million Settlement with HHS Following Compliance Review
By Joseph J. Lazzarotti on
HIPAA audit following breach reported to OCR results in findings of noncompliance, settlement payment of $1.7 million and a three-year corrective action plan.
Continue Reading Alaska DHSS HIPAA Breach Affects 501 Individuals, But Results in $1.7 Million Settlement with HHS Following Compliance Review
Connecticut Amends Data Breach Notification Statute; Notice to Attorney General Now Required
By Joseph J. Lazzarotti on
Notice to Connecticut Attorney General now required following data breaches affecting state residents.
Continue Reading Connecticut Amends Data Breach Notification Statute; Notice to Attorney General Now Required
Vermont Strengthens Data Breach Notification Requirements
By Joseph J. Lazzarotti on
14-day Attorney General notice and other amendments to Vermont’s Security Breach Notice Act further complicate data breach response.
Continue Reading Vermont Strengthens Data Breach Notification Requirements
Massachusetts Company Fined $15,000 Under State’s Data Security Law
The Massachusetts AG’s enforcement of its data security law demonstrates that it does not take lightly the loss of Massachusetts residents’ personal information, even if that loss has not caused any known harm to the affected residents, and that it may remain watchful over the subject of an investigation for years to come.
Continue Reading Massachusetts Company Fined $15,000 Under State’s Data Security Law
Debt Collection Agency Sued by Minnesota Attorney General Over Privacy Breach and Other Concerns
Like any business that handles personal information, debt collection agencies have obligations to maintain reasonable safeguards to protect that information. Recent enforcement activity by the Minnesota Attorney General’s office makes this clear. The banks, health care providers and other businesses that utilize collection services are also driving compliance as they demand these companies have…
Third Party Vendors Equal Data Breach Risk, Massachusetts Vendor Contract Deadline Approaches – March 1, 2012
Massachusetts service provider contract deadline – March 1, 2012 – should be a reminder to revisit all contracts with third party vendors to ensure they require the vendor to safeguard personal information.
Continue Reading Third Party Vendors Equal Data Breach Risk, Massachusetts Vendor Contract Deadline Approaches – March 1, 2012
Prepare Now for Employee Disputes Over Ownership of Social Media Accounts
By Joseph J. Lazzarotti on
Who owns company LinkedIn or Twitter profiles/accounts, the employer or the employee?
Continue Reading Prepare Now for Employee Disputes Over Ownership of Social Media Accounts
What’s On Your Mind?
By Joseph J. Lazzarotti on
Posted in Featured, Information Risk
We want to extend to you the opportunity to tell us what is on your mind in the world of data privacy, social media and information management.
Continue Reading What’s On Your Mind?