PII

The Key to NYC and Other Cities’ COVID-19 Vaccine Proof Mandates, and Potential Privacy Issues

By Joseph J. Lazzarotti on August 23, 2021

Posted in California Consumer Privacy Act, Consumer Privacy, COVID-19, Data Security, Health Information Technology, Identity Theft, Information Risk, Written Information Security Program

Cities step up their efforts to combat the COVID-19 Delta variant. New York City, New Orleans, and San Francisco have all announced requirements for certain persons to produce evidence of COVID vaccination status in order to patronize or work indoors at certain establishments. Adding to an already complex patchwork of COVID-related regulation –…

North Dakota Implements A New Student Privacy Law

By Delonie A. Plummer on July 9, 2020

Posted in Consumer Privacy, Workplace Privacy

North Dakota’s State Board of Higher Education recently implemented the Student Data Privacy and Security Bill of Rights (the “Policy”). The Policy, which went into effect on May 29, 2020, was created by the North Dakota Student Association to facilitate students’ access to their Personally Identifiable Information (“PII”), and to regulate the North Dakota University…

Personal Information, Private Information, Personally Identifiable Information…What’s the Difference?

By Joseph J. Lazzarotti on December 30, 2019

Posted in California Consumer Privacy Act, Consumer Privacy, Data Breach Notification, Data Security, Information Management, Information Risk, Online Privacy, Workplace Privacy, Written Information Security Program

When privacy geeks talk “privacy,” it is not uncommon for them to use certain terms interchangeably –personal data, personal information, personally identifiable information, private information, individually identifiable information, protected health information, or individually identifiable health information. They might even speak in acronyms – PI, PII, PHI, NPI, etc. Blurring those distinctions might be OK for…

Federal Court Permits Former Employees’ Data Breach Claims to Move Forward

By Jeffrey M. Schlossberg on December 13, 2017

Posted in Data Security, Identity Theft, Information Risk

A data breach occurs in which an outside individual obtains your company’s employees’ W-2 forms including social security numbers, addresses, and salary information. As a result, your company notifies all affected employees, explains what occurred, and offers a complimentary two-year membership to a service that helps detect misuse of personal information. Is your company liable…

Senate Bill Introduced to Protect Personally Identifiable Information

By Jeffrey M. Schlossberg on December 8, 2017

Posted in Consumer Privacy, Data Security, Written Information Security Program

Primarily motivated by several recent massive data breaches, Senate Democrats recently introduced a bill geared toward protecting Americans’ personal information against cyber attacks and to ensure timely notification and protection when data is breached.

The Consumer Privacy Protection Act of 2017 provides that companies that collect and hold data on at least 10,000 Americans would…

Nevada Updated Its Definition of Personal Information, Have You?

By Joseph J. Lazzarotti on July 30, 2015

Posted in Consumer Privacy, Data Security, GINA, Identity Theft, Information Management, Information Risk, Written Information Security Program

When businesses set out to safeguard “personal information,” a fundamental consideration is what that term means. Likewise, when negotiating a third-party vendor agreement, it typically is not enough to rely on the standard definition for “confidential information.” Recently, Nevada and other states have updated their definitions of personal information in connection data breaches notification and…

Workplace Privacy, Data Management & Security Report

PII