In a uniquely timed second showing of enforcement authority, the Department of Health and Human Services (HHS) announced on February 24, 2011 a one million dollar settlement with a Massachusetts hospital that allegedly breached patient data. This settlement announcement comes only days after HHS announced a 4.3 million dollar HIPAA Privacy Rule fine. The
Business Owner Enjoined from Accessing Co-Owner’s Email
A Minnesota Court of Appeals panel has affirmed the issuance of a temporary injunction against a co-owner of an LLC blocking him from accessing emails of his partner from the company’s server in the midst of their business dispute. The unpublished decision, Gates v. Wheeler A09-2355 (Minn. App. November 23, 2010), raises some interesting issues
No Claim For Data Breach Damages Absent Financial Loss or Tangible Injury
In another favorable decision for companies, the Maine Supreme Court ruled on September 21, 2010 that consumers affected by a data breach could not claim damages from the company unless they suffered uncompensated financial losses or some other tangible injury.
The Maine Supreme Court addressed the following:
In the absence of physical harm or economic loss
Attorney General Securing Personal Data in Indiana
Indiana recently enacted a new law which grants authority to the Indiana Office of the Attorney General’s Identity Theft Unit to obtain and secure abandoned records with personally identifying information, including health records, and either destroy them or return them to their owners. Additionally, the new law sets fines and other legal ramifications for violations of
Employees Claiming Emotional Distress Must Produce Social Network (Facebook and MySpace) Information In Discovery
All information from plaintiffs’ social networking profiles and postings that relate to their general emotions, feelings, and mental states must be produced in discovery when they allege severe emotional trauma and harassment against their employer, a federal court in Indiana has ruled. (EEOC v. Simply Storage Management LLC, S.D. Ind., No. 1:09-cv-1223, discovery
Keylogging–Jurisdictions at Odds Over Privacy Concerns
Keystroke logging (or “keylogging”) is the noting (or logging) of the keys struck on a computer keyboard. Typically, this is done secretly, so the keyboard user is unaware his activities are being monitored.
Several cases throughout the country have examined an employer’s use of keylogging. Recently, the Criminal Court of the City of New York held
New Jersey Supreme Court Rules on Personal E-mail Privacy: Stengart v. Loving Care
Co-author: Joseph J. Lazzarotti
The New Jersey’s highest Court has concluded that an employee, Marina Stengart, could reasonably expect that e-mail communication with her lawyer through her personal, password-protected, web-based e-mail account would remain private, and that sending and receiving them using a company laptop did not eliminate the attorney-client privilege that protected them. The Court