Tag Archives: Featured

Top 15 for 2015 – Happy National Data Privacy Day

In honor of National Data Privacy Day, we provide the following “Top 15 for 2015.”  While the list is by no means exhaustive, it does provide some hot topics for businesses to consider in 2015. Inside Threats for Healthcare Providers and Business Associates.  While news reports of security risks often focus on hackings and breaches … Continue Reading

NY Times Article Highlights State Action on Privacy

The New York Times published an interesting front page article by Somini Sengupta on October 31, 2013 about the growing trend of state legislative action on privacy issues, noting that over two dozen privacy laws have passed this year in more than 10 states. The piece also notes that the “patchwork of rules across the country” is … Continue Reading

The Bring Your Own Device (BYOD) Movement

Numerous companies are considering, or already transitioned to, a "bring your own device" (BYOD) model.  Under a BYOD program, employees are permitted to connect their own personal devices (iPhone, iPad, Blackberry, PDA, etc.) to the employer’s networks and systems to complete job duties either in the office or working remotely.  While a BYOD program has numerous benefits, … Continue Reading

The Threat of Cyberattacks and Data Breaches from China Continues

The New York Times recently reported that hackers from China have resumed attacks on U.S. targets, despite efforts by the Obama Administration to curb these intrusions. According to the article and a report by a security company, Mandiant, hackers from China have been behind… scores of thefts of intellectual property and government documents over the past five … Continue Reading

Sandy – A Reminder to Adopt/Reevaluate Your Disaster Recovery Plan

The effects of a hurricane like Sandy should be a reminder to all businesses of the importance of disaster recovery planning. When these storms threaten there is no shortage of images of sandbags and plywood being used to prevent harm to companies’ bricks and mortar. However, rarely do we see steps businesses should be taking to protect … Continue Reading

OCR Issues Protocol For HIPAA Privacy, Security and Breach Notification Audit Program

As we previously discussed, the Office of Civil Rights (“OCR”) continues to push forward with the HIPAA audits required by the HITECH Act.  To this end, the OCR recently posted the protocol which is used to conduct the HIPAA audits on its website.  The HITECH Act requires HHS to provide for periodic audits to ensure covered … Continue Reading

Third Social Media Report From NLRB Acting General Counsel

Today, the NLRB‘s Acting General Counsel posted a third report regarding social media issues which have been brought to the agency. The cases discussed in this report should provide further guidance to employers struggling with developing strategies for using social media in their business, developing employee policies regulating activity in social media, and enforcing those policies. … Continue Reading

Third Party Vendors Equal Data Breach Risk, Massachusetts Vendor Contract Deadline Approaches – March 1, 2012

Massachusetts service provider contract deadline - March 1, 2012 - should be a reminder to revisit all contracts with third party vendors to ensure they require the vendor to safeguard personal information.… Continue Reading
LexBlog