Photo of Joseph J. Lazzarotti

Joseph J. Lazzarotti

Subscribe to Joseph J. Lazzarotti's Posts

Joseph J. Lazzarotti is a principal in the Tampa, Florida, office of Jackson Lewis P.C. He founded and currently co-leads the firm's Privacy, Data and Cybersecurity practice group, edits the firm’s Privacy Blog, and is a Certified Information Privacy Professional (CIPP) with the International Association of Privacy Professionals. Trained as an employee benefits lawyer, focused on compliance, Joe also is a member of the firm’s Employee Benefits practice group.

In short, his practice focuses on the matrix of laws governing the privacy, security, and management of data, as well as the impact and regulation of social media. He also counsels companies on compliance, fiduciary, taxation, and administrative matters with respect to employee benefit plans.

Contact:Read more about Joseph J. Lazzarotti

When the United States Supreme Court handed down its decision Riley v. California, a Fourth Amendment criminal case, we suspected it would not be long before the rationale in that case concerning the privacy interests individuals have in cellphones would be more broadly applied. In late June, a federal district court in Connecticut denied

As I write this post, the U.S. v. Belgium match is underway – a win is needed by the United States to advance to the quarterfinals of the 2014 World Cup. Most watching the game may not realize that GPS technology will be monitoring just about every movement taken by U.S. players on the field

As we reported earlier, Florida lawmakers passed extensive revisions to its existing data breach notification law, SB 1524. On June 20, 2014, Florida’s Governor Rick Scott signed the bill into law, which becomes effective on July 1, 2014.

Our earlier post provides more of a discussion about key provisions of the law. But

The last couple of times I passed by the TV to see what the kids were watching, I was surprised not to see Spongebob Squarepants or the Yankee game (Michael and Grace have their separate interests, but they usually can agree on something, at least in the short term). Anyway, they happened to be intently

Developed by Knightscope, the K5 Autonomous Data Machine is a 5 foot tall, 300 pound robotic device designed to be “a safety and security tool for corporations, as well as for schools and neighborhoods,” as reported by the New York Times. While K5 may not yet be ready for prime time, its developers

In a victory for California healthcare providers, the California Court of Appeal recently held that a health care provider is not liable under California’s Confidentiality of Medical Information Act (CMIA) (Cal. Civ. Code, § 56 et seq.) when the health care provider releases an individual’s personal identifying information, but the information does

An Office for Civil Rights (OCR) report issued this month reveals some interesting details about data breach activity under HIPAA, as well as some helpful reminders and recommendations for covered entities and business associates. Section 13402(i) of the HITECH Act requires the Secretary of Health and Human Services to submit a report to various Senate

Recently, the Federal Trade Commission (“FTC”) filed a limited objection in bankruptcy court to the proposed sale of assets of ConnectEdu, Inc. (“ConnectEdu”) on the grounds that the company’s privacy policy protecting customer personal information had potentially not been complied with.

Specifically, ConnectEdu, an education technology company that provided interactive tools to assist students, parents

Add Oklahoma to the list of states prohibiting employers from requesting or demanding access to the personal social media accounts of employees or applicants. Signed into law by Gov. Mary Fallin, H.B. 2372 becomes effective November 1, 2014.

In addition to being prohibited from requesting or demanding usernames or passwords from employees or applicants to