Developed by Knightscope, the K5 Autonomous Data Machine is a 5 foot tall, 300 pound robotic device designed to be “a safety and security tool for corporations, as well as for schools and neighborhoods,” as reported by the New York Times. While K5 may not yet be ready for prime time, its developers
California Healthcare Provider Defeats Data Breach Class Action on Definition of Medical Information
In a victory for California healthcare providers, the California Court of Appeal recently held that a health care provider is not liable under California’s Confidentiality of Medical Information Act (CMIA) (Cal. Civ. Code, § 56 et seq.) when the health care provider releases an individual’s personal identifying information, but the information does
OCR Provides HIPAA “Lessons Learned” In Data Breach Report to Congress
An Office for Civil Rights (OCR) report issued this month reveals some interesting details about data breach activity under HIPAA, as well as some helpful reminders and recommendations for covered entities and business associates. Section 13402(i) of the HITECH Act requires the Secretary of Health and Human Services to submit a report to various Senate
FTC Objects to Sale of Company Assets Based on Potential Breach of Privacy Policy
Recently, the Federal Trade Commission (“FTC”) filed a limited objection in bankruptcy court to the proposed sale of assets of ConnectEdu, Inc. (“ConnectEdu”) on the grounds that the company’s privacy policy protecting customer personal information had potentially not been complied with.
Specifically, ConnectEdu, an education technology company that provided interactive tools to assist students, parents
Oklahoma Joins Growing Number of States Limiting Employer Access To Personal Social Media Accounts
Add Oklahoma to the list of states prohibiting employers from requesting or demanding access to the personal social media accounts of employees or applicants. Signed into law by Gov. Mary Fallin, H.B. 2372 becomes effective November 1, 2014.
In addition to being prohibited from requesting or demanding usernames or passwords from employees or applicants to
Louisiana Follows Wisconsin and Tennessee in Protecting Employee and Student Personal Online Account Access Information
Following the enactment of similar laws in Wisconsin and Tennessee earlier this year, Louisiana Governor Bobby Jindal signed HB 340, the Personal Online Account Privacy Protection Act, into law prohibiting employers and schools in Louisiana from demanding access to personal email, social media and other types of online accounts. The Act applies to
Volunteer State (Tennessee) Prohibits Employers From Asking Employees, Applicants to Volunteer Access to Social Media, Internet Accounts
Effective January 1, 2015, Tennessee employers, including government entities, will be prohibited from requesting or requiring access to the private social networking or online accounts of employees and job applicants under the Volunteer State’s “Employee Online Privacy Act of 2014,” signed by Governor Bill Haslam. Our Tennessee colleagues outline the key provisions of the law
Employers, the NLRB Wants Some Control Over Your Company Email
You’ve just finished your email, electronic communications, social media and/or BYOD policies for employees assuming, among other things, that you did not have to permit employees to use company-provided communication systems for nonwork-related purposes, such as to fulfill certain union-related purposes or other “protected concerted activities” under for Section 7 of the National Labor Relations
Stolen Laptops = HIPAA Settlements Totaling Nearly Two Million Dollars
Unencrypted laptop computers and other mobile devices pose significant risks to the security of patient information, reminds the U.S. Department of Health and Human Services Office for Civil Rights (OCR) in its announcement yesterday that it collected $1,975,220 from two entities collectively to resolve potential violations of the Health Insurance Portability and Accountability Act (HIPAA)
Iowa Amends Its Breach Notification Law, Attorney General Notification Required For Breaches Affecting More Than 500 Iowans
Iowa made changes to its breach notification law (Iowa Code § 715C.1 et seq.) when the state’s Governor, Terry Branstad, signed S.F. 2259 into law. The amendment makes the following key changes which become effective July 1, 2014:
- The existing law applies to “computerized” personal information. The amendment clarifies that this includes personal