Photo of Joseph J. Lazzarotti

Joseph J. Lazzarotti is a principal in the Tampa, Florida, office of Jackson Lewis P.C. He founded and currently co-leads the firm's Privacy, Data and Cybersecurity practice group, edits the firm’s Privacy Blog, and is a Certified Information Privacy Professional (CIPP) with the International Association of Privacy Professionals. Trained as an employee benefits lawyer, focused on compliance, Joe also is a member of the firm’s Employee Benefits practice group.

In short, his practice focuses on the matrix of laws governing the privacy, security, and management of data, as well as the impact and regulation of social media. He also counsels companies on compliance, fiduciary, taxation, and administrative matters with respect to employee benefit plans.

HIPAA audit following breach reported to OCR results in findings of noncompliance, settlement payment of $1.7 million and a three-year corrective action plan.
Continue Reading Alaska DHSS HIPAA Breach Affects 501 Individuals, But Results in $1.7 Million Settlement with HHS Following Compliance Review

Effective July 1, 2012, Vermont joins California, Connecticut, Hawaii, Illinois, Maryland, Oregon, and Washington as jurisdictions that restrict an employer’s right to obtain and use credit information for making employment decisions.  Similar legislation is pending in many other jurisdictions. Click here for more information about the Vermont law. 

The Massachusetts AG’s enforcement of its data security law demonstrates that it does not take lightly the loss of Massachusetts residents’ personal information, even if that loss has not caused any known harm to the affected residents, and that it may remain watchful over the subject of an investigation for years to come.
Continue Reading Massachusetts Company Fined $15,000 Under State’s Data Security Law