Privacy & Security Law Blog

Privacy & Security Law Blog

Legal Commentary and Resources for the Payment Industry

Insight & Commentary on Information Management and Protection

Developments & Commentary

FCC LogoFCC Releases Enforcement Advisory

Tells Broadband Providers to Take “Reasonable, Good Faith” Steps to Protect Consumer Privacy in Absence of Rules Come June 12, unless stayed by a federal court, broadband Internet service providers will be subject to expanded requirements to protect consumer privacy and new limitations on the use of customer data under the ...

SupCtSupreme Court Grants Cert in Campbell-Ewald v. Gomez

In a move that may greatly impact litigation under the Telephone Consumer Privacy Act (TCPA) and potentially other acts that provide statutory damages for violations, the high court will hear arguments in a case questioning whether a class action can survive even after the named plaintiff(s) received an offer of ...

DataMar2Advisory Alert: FTC, State Regulators, and Apple Weigh in on RadioShack Customer Data Sale

RadioShack filed for Chapter 11 bankruptcy in Delaware bankruptcy court in February, seeking a court-supervised sale of $1.2 billion in assets. Included in the sale is a database of customer information from about 1,700 stores regarding RadioShack’s 117 million customers. RadioShack has sought a sale of certain IP assets under the ...

NDMay19North Dakota Focused on Privacy and Information Security; AG Wants to Know if You’ve Been Breached

Come August 1, North Dakota’s Attorney General will expect to hear from you if your company suffers a breach of computerized data affecting more than 250 persons. On April 13 North Dakota Governor Jack Dalrymple signed S. 2214 into law, which amended the state’s data breach statute in an attempt to ...

health care iconsAdvisory Alert: Meaningful Use Stage 3 Proposed Rule

One Set of Requirements to Rule Them All With the release of the Meaningful Use Stage 3 proposed rule on March 30, CMS is attempting to reduce complexity and increase uniformity within the Electronic Health Record (EHR) Incentive Programs by reducing the myriad of choices currently available. CMS intends Stage 3 ...

Resources & Updates

locksRewind and Replay: Plaintiffs Appeal Dismissal of VPPA Suits against Viacom, Google and Dow Jones

Plaintiffs in two recently dismissed class actions alleging violations of the Video Privacy Protection Act (“VPPA”) filed notices of appeal this week, asking the Third and Eleventh Circuit Courts of Appeals to hit the rewind button and review the merits of their respective claims. On January 20 a New Jersey ...

HIPPA Binder2015 Edition of HIPAA Regulations Now Available

For your convenience, a bookmarked-version of the most current HIPAA regulations is available here. It includes 2014 changes to the HIPAA regulations in the Code of Federal Regulations, including: (1) the current compliance date (Oct. 1, 2015) for ICD-10 implementation; and (2) the Privacy Rule’s deletion of the Clinical Laboratory Improvement ...

Data storage cyber conceptCybersecurity: The Human Factor

Financial institutions are under a constant and growing cyber assault from hacktivists that want to cause online mischief, criminals that want to steal consumer data and nation-states that are looking for a military, political or economic advantage. In this increasingly costly war, the focus is often on the latest hardware, ...

congress money2Congress Funds Cybersecurity: Spending Bill Allocates over $1 Billion to Cybersecurity

The final spending bill of the 113th Congress, which keeps the government doors open until September 30th of 2015, was passed by the House on December 11th, the Senate on the 13th, and signed by the President on December 16th. It is a $1.1 trillion omnibus spending bill that will ...

cyber buttonCongress Confirms NIST’s Role in Cybersecurity – and the Continuation of the Cybersecurity Framework

The Cybersecurity Enhancement Act of 2014 (CEA) was passed by the House and the Senate on December 11th, and signed by the President on the 18th. The bill formalizes the role of the National Institute for Standards and Technology (NIST) in continuing to develop the voluntary Cybersecurity Framework. Through five ...