Thirty-Three State Attorneys General Show Support for FTC’s Proposed Crackdown on “Commercial Surveillance”
Security, Privacy And The Law
by Michelle Youngmin Choi
1M ago
On August 22, 2022, the Federal Trade Commission (“FTC”) indicated through the Advanced Notice of Proposed Rulemaking its intent to limit commercial surveillance – the common corporate practice of collecting, analyzing, and monetizing consumers’ data. As slews of data breaches resulted in millions of dollars in settlement and countless consumers whose data had been jeopardized, 33 states, including Massachusetts, New York, and Texas, showed support for the FTC’s proposed rule through a comment letter dated November 17, 2022. The letter highlighted the following three areas of greatest concern ..read more
Visit website
‘Tis the (Insurance Renewal) Season! What Enhanced Consumer Data Protection Laws Mean for Your Business
Security, Privacy And The Law
by Brooke Yates
1M ago
Key Takeaways: Insurance renewal season is upon us.  Now is the time to make sure your insurance coverages are aligned with your business needs over the coming year. Consumer privacy laws are changing and developing rapidly. Enhanced protections for consumers’ data, particularly biometric and sensitive personal information, have implications for a variety of businesses and industries. Colorado is and will likely continue developing laws that protect consumers’ personal information and may open businesses up to increased exposure to liability. Businesses must consider how these consumer p ..read more
Visit website
Massachusetts Governor Issues Executive Order to Strengthen State’s Cyber Defenses
Security, Privacy And The Law
by Colin Zick
1M ago
Governor Charlie Baker recently took steps to strengthen cybersecurity in Massachusetts by signing an executive order on December 14, 2022 creating an advisory panel to improve the state’s cyber defense. The new state task force will assess existing resources, develop contingency plans, and identify strategies for preventing future cyberattacks.  The goal of the task force is to ensure that the Bay State is at the forefront of the ever-evolving cybersecurity landscape. With cyber threats becoming increasingly sophisticated, it’s crucial for the state to stay ahead of the curve. The panel ..read more
Visit website
HHS Office for Civil Rights Issues Bulletin on Requirements under HIPAA for Online Tracking Technologies to Protect the Privacy and Security of Health Information
Security, Privacy And The Law
by Colin Zick
2M ago
On December 1, 2022, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services issued a bulletin to highlight the obligations of Health Insurance Portability and Accountability Act of 1996 (HIPAA) on covered entities and business associates under the HIPAA Privacy, Security, and Breach Notification Rules (“HIPAA Rules”) when using online tracking technologies.  These online tracking technologies, like Google Analytics or Meta Pixel, collect and analyze information about how internet users are interacting with a regulated entity’s website or mobile application ..read more
Visit website
Is the Video Privacy Protection Act a New Litigation Weapon for Consumers?
Security, Privacy And The Law
by Adam Aguirre
2M ago
On September 19, 2022, a Massachusetts federal District Court denied Boston Globe Media Partners LLC’s motion to dismiss a consumer class action suit against it. This case is one of 47 proposed class actions filed since February 2022 against various companies, each based on a company’s use of Meta’s Pixel tracking tool. Boston Globe Media Partners is a “multimedia organization that provides news, entertainment, and commentary across multiple brands and platforms”; one of those platforms is the subscription website, bostonglobe.com.  The Plaintiff class in this case alleged that form them ..read more
Visit website
Is the VPPA a New Litigation Weapon for Consumers?
Security, Privacy And The Law
by Foley Hoag
2M ago
On September 19, 2022, a Massachusetts District Court denied Boston Globe Media Partners LLC’s (the Globe) motion to dismiss a class action suit brought against it in what could be a boon for consumers’ demands to protect their digital privacy. The action is one of 47 proposed class actions filed since February 2022 against various companies based on their use of Meta’s Pixel tracking tool. The Globe is a multimedia organization that maintains the website bostonglobe.com requiring digital subscriptions—a requirement which includes subscribers revealing their personally identifiable information ..read more
Visit website
Looking to a New EU-US Data Privacy Framework
Security, Privacy And The Law
by Michelle Youngmin Choi
3M ago
As we wrote in July 2020, the European Court of Justice issued a landmark decision that invalidated the Privacy Shield as untenable under the European General Data Protection Regulation (GDPR). The decision sparked negotiations between the United States and the European Union on a workable data privacy framework. And after a two-year long hiatus, the U.S. and the EU agreed on a replacement for the Privacy Shield. The executive order (the “Order”) President Biden signed on October 7, 2022 signaled a step forward for the transatlantic data transfer pact. The Order implements the new EU-U.S. Data ..read more
Visit website
HHS Office for Civil Rights Posts HIPAA Security Rule Security Incident Procedures
Security, Privacy And The Law
by Colin Zick
3M ago
Every October, in recognition of National Cybersecurity Awareness Month, the federal government and its partners work to educate stakeholders on cybersecurity awareness and how best to protect the privacy and security of confidential data. Within the health care industry, the HIPAA Security Rule applies to covered entities and their business associates (“regulated entities”) and electronic protected health information (ePHI).  Because ePHI identifies individuals and includes information relating to an individual’s health, treatment, or payment information, it is a valuable targe ..read more
Visit website
California Trails Closely Behind UK to Protect Children’s Privacy
Security, Privacy And The Law
by Michelle Youngmin Choi
4M ago
Recently signed into law by California Governor Gavin Newsom on September 15, 2022, the California Age-Appropriate Design Code Act (“AADC”) changes the playing field for certain businesses that provide online services, products, or features accessible to children under the age of 18. Although California models its new law after the Children’s Code passed by the UK, the AADC is first state law of its kind in the US. Once it goes into effect on July 1, 2024, the Attorney General may fine noncompliant businesses up to $7,500 per affected child. Whom does the AADC affect? The AADC applies to busin ..read more
Visit website
Password Security & Best Practices – A Refresher
Security, Privacy And The Law
by Colin Zick
4M ago
As more and more of us return to the office, it’s a good time to revisit the passwords you use.  It is therefore timely that the U.S. Department of Health and Human Services, Health Sector Cybersecurity Coordination Center (“HC3”) recently published a set of password security suggestions and best practices.  Here are some of HC3’s key takeaways: Use multi-factor authentication when possible. Use different passwords for different accounts. Make passwords that are hard to guess, but easy to remember. To make passwords easier to remember, use sentences or phrases. Example:  “pine ..read more
Visit website

Follow Security, Privacy And The Law on Feedspot

Continue with Google
OR