Skagit County, Washington, has agreed to settle potential violations of the privacy and security rules under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), according to an announcement by the Office for Civil Rights (OCR) on Friday. OCR reported that Skagit County, home to approximately 118,000 residents, agreed to a $215,000 monetary
Best Practices For Gramm-Leach-Bliley Compliance
The U.S. Commodity Futures Trading Commission (Commission) issued a Staff Advisory on best practices for financial institutions that must comply with Gramm-Leach-Bliley Act (GLBA) provisions on data security and customer privacy.
GLBA was enacted to ensure that financial institutions respect the privacy of their customers and protect the security and confidentiality of nonpublic personal information.
FTC Announces Identity Theft Was Top Consumer Complaint During 2013, 14 Years Running
According to an FTC press release, identity theft tops the national ranking of consumer complaints for 2013, with American consumers losing a reported $1.6 billion to fraud last year. Here is how some of the numbers break down:
- Fourteen (14) percent of the more than two million complaints to the FTC (or 290,056) stemmed
Employee Criminally Prosecuted For Taking Employer’s Documents
A New Jersey Appellate Court recently ruled that an employee who removes or copies her employer’s documents for use in her whistleblower or discrimination case may be prosecuted criminally for stealing. In State v. Saavedra, the employee had taken highly confidential original documents owned by her employer, contending that she did so to support
Top 14 for 2014
In honor of National Data Privacy Day, we provide the following “Top 14 for 2014.” While the list is by no means exhaustive, it does provide critical areas businesses will need to consider in 2014.
- Location Based Tracking. As the utilization of GPS enable devices becomes more and more prevalent, employers are often faced
Texas Amends the Effects of its Data Breach Law on Out-of-State Residents
Texas amends its data breach notification statute and the law’s effects on persons out of state.
Continue Reading Texas Amends the Effects of its Data Breach Law on Out-of-State Residents
Top 13 for 2013 – Happy Privacy Day
Top 13 data privacy and security issues for 2013
Continue Reading Top 13 for 2013 – Happy Privacy Day
OCR Issues Protocol For HIPAA Privacy, Security and Breach Notification Audit Program
As we previously discussed, the Office of Civil Rights (“OCR”) continues to push forward with the HIPAA audits required by the HITECH Act. To this end, the OCR recently posted the protocol which is used to conduct the HIPAA audits on its website.
The HITECH Act requires HHS to provide for periodic audits to
Connecticut Amends Data Breach Notification Statute; Notice to Attorney General Now Required
Notice to Connecticut Attorney General now required following data breaches affecting state residents.
Continue Reading Connecticut Amends Data Breach Notification Statute; Notice to Attorney General Now Required
Don’t Mess With Texas–Amended Law Imposes Breach Notification Obligations In All 50 States
In a novel approach to data breach notification requirements, Texas has amended its breach notification law (Business & Commerce Code, Section 521.053) to require notification to residents of not only Texas, but to residents of each of the 50 states. The amendment becomes effective September 1, 2012, and applies to “all persons who conduct business