What s trending on NP Privacy Partner
|
|
- Warren Wilkins
- 8 years ago
- Views:
Transcription
1 NP PRIVACY PARTNER Nixon peabody LLP What s trending on NP Privacy Partner January 30, 2015 Beware private drone operators, the FTC issues an Internet of Things report, hackers use stolen passwords to steal airline miles, a state HIPAA violation settlement and social media does not equal personal jurisdiction. Here s what s trending in Data Privacy and Security this week. Data Privacy FTC releases Internet of Things report to address consumer privacy and security On January 27, 2015, the Federal Trade Commission (FTC) released Internet of Things: Privacy & Security in a Connected World, to address the growth of connected devices, but also the privacy and security risks for consumers who are connected to this web of technology. In the report, the FTC provides a list of steps for businesses to take that will protect consumers privacy and security. Here are the FTC s recommendations: Build security into devices at the outset, rather than as an afterthought in the design process; Train employees about the importance of security, and ensure that security is managed at an appropriate level in the organization; Ensure that when outside service providers are hired, that those providers are capable of maintaining reasonable security, and provide reasonable oversight of the providers; When a security risk is identified, consider a defense-in-depth strategy whereby multiple layers of security may be used to defend against a particular risk; Consider measures to keep unauthorized users from accessing a consumer s device, data, or personal information stored on the network; Monitor connected devices throughout their expected life cycle, and where feasible, provide security patches to cover known risks. The FTC further recommends that businesses consider data minimization and only collect and retain consumer data for a specific time period (as necessary), and to allow consumers choice in how their information is used and shared. This newsletter is intended as an information source for the clients and friends of Nixon Peabody LLP. The content should not be construed as legal advice, and readers should not act upon information in the publication without professional counsel. This material may be considered advertising under certain rules of professional conduct. Copyright 2015 Nixon Peabody LLP. All rights reserved.
2 The FTC said in its press release, The Internet of Things is already impacting the daily lives of millions of Americans through the adoption of health and fitness monitors, home security devices, connected cars and household appliances, among other applications. Such devices offer the potential for improved health-monitoring, safer highways, and more efficient home energy use, among other potential benefits. So what s the concern? Connected devices raise huge privacy concerns for consumers, and without consumer trust, this innovative technology can t reach its true potential. The FTC hopes to remedy that problem by encouraging businesses to truly protect consumer privacy. Kathryn M. Sylvia Enforcement & Litigation First ever FAA settlement with private drone pilot for airspace violation On January 22, 2015, pilot and videographer, Raphael Pirker, reached a landmark settlement with the Federal Aviation Administration (FAA) in the agency s first-ever enforcement action for the pilot s refusal to pay a $10,000 fine for violating FAA regulations and flying a drone over the University of Virginia s airspace. Pirker agreed to pay $1,100 without admitting any regulatory violations, and the FAA in turn agreed to drop several other allegations that the agency brought against the pilot back in This case was first heard back in March 2014, when a Federal Administrative Law Judge determined that Pirker s plastic-foam drone model aircraft was not regulated by the FAA. The FAA announced only a few months after that decision that it would allow commercial operators of unmanned aircrafts to apply for exemptions to fly their aircrafts. However, the FAA also appealed the Federal Administrative Law Judge s decision to the National Transportation Safety Board (NTSB), and the NTSB narrowly ruled that model aircraft operators are subject to one FAA regulation careless or reckless operation. Pirker s attorney says, The discussion triggered by the case encouraged the FAA to look for ways to allow progress to be made, and what they came up with was the exemption process, which has had a beneficial impact for the industry. Without that discussion about what regulations apply, if any, I think there would have been far less pressure for the path forward. Surely, as the use of private drones becomes more prevalent, the FAA will weigh in on an individual s use of airspace and whether the FAA regulations apply. The use of these drones really comes down to the issue of an individual s privacy and protecting citizens from unwanted invasions into their private lives. We ll watch as more drone talk surely exudes in the media. Kathryn M. Sylvia Data Breach Medical device manufacturer alerts patients of data breach caused by vendor Medical device company, DJO Global, recently notified some of its patients that an unencrypted laptop of an employee of one of its contractors was stolen from the employee s car. The laptop was in the employee s backpack in the back seat of his locked vehicle. He went into a coffee shop to grab a cup of coffee, and a thief smashed the window of his car and stole the backpack and laptop. The stolen patient data included patient names, phone numbers, diagnosis codes, surgery dates, health insurer and clinic and doctor names, as well as several Social Security numbers.
3 This is another important warning to medical device manufacturers and contractors to implement encryption technology on any laptops that are used in the field. Linn Foster Freedman Hackers use stolen user names and passwords to steal miles from American and United Airlines customers Cybercriminals who previously stole or bought compromised user names and passwords from other websites, were able to use those same user names and passwords to steal airline miles from customers of American and United Airlines. Please note that the airline servers weren t hacked. What happened was that the cybercriminals used previously stolen user names and passwords to impersonate the customer by using the same user name and password to get into the American and United Airlines sites. This is a perfect example of why it is so important for consumers not to use the same user name and password for different websites. The hackers were able to use the customer s name and password to book flights and trips and use mileage for a free trip or upgrade. American Airlines admitted that up to 10,000 accounts were affected. Linn Foster Freedman Credit union regulator agrees to pay costs associated with lost thumb drive The National Credit Union Administration Board recently admitted that it failed to follow its own security policies when it downloaded the data of Palm Springs Credit Union (PSCU) onto an unencrypted thumb drive during an examination of PSCU. An examiner lost the thumb drive, which included account numbers, but did not include passwords or PINs. PSCU has provided notification and will offer credit monitoring for its affected members. The National Credit Union Administration Board has agreed to pay up to $50,000 to PSCU to reimburse it for the staff time and attorneys fees associated with the data breach, as well as credit monitoring costs. Linn Foster Freedman Social Media An Illinois resident s Facebook posting does not create personal jurisdiction to support a lawsuit against him in California In Burdick v. Superior Court of Orange County (No. G049107, filed January 14, 2015), the California Court of Appeal, Fourth Appellate District, addressed whether an Illinois resident may be sued in California because he posted alleged defamatory statements on his publicly available Facebook page. The Appellate Court held that posting defamatory statements about a person on a Facebook page, while knowing that the person resides in California, is insufficient itself to create the minimum contacts necessary to support personal jurisdiction in a California lawsuit arising out of that posting. The non-resident must not only intentionally post the statements on the Facebook page, but must also expressly aim or direct his intentional conduct at the forum state for the lawsuit (California), rather than at a plaintiff who happens to live there. The focus must be upon the forum-related acts personally committed by the non-resident, not upon the plaintiff s contacts with the forum. This case offers important analysis regarding the jurisdictional scope of Internetbased defamation claims.
4 The lawsuit was filed by two bloggers who questioned a skin care company s quality of products and operations. The skin care company and its executives allegedly responded with a campaign of harassment and defamation against the bloggers. One of its representatives, Douglas Burdick, posted on his Facebook page an announcement that scandalous information would be revealed regarding the bloggers. Burdick alluded that one of the bloggers uses multiple Social Security numbers and was charged with domestic violence on multiple occasions. In response to the bloggers lawsuit, Burdick challenged California s jurisdiction over him, claiming that he has lived in Illinois for over four decades, never lived in California, and never had any meaningful contacts with California. Burdick declared that he made and later removed the allegedly defamatory social media posting from his personal Facebook page while he was in Illinois. A California Trial Court rejected Burdick s jurisdictional challenge, finding that the effects of his posting reached California. In reversing the ruling, the California Appellate Court held that the plaintiffs failed to demonstrate that the Facebook post was expressly aimed at California, rather than the plaintiffs, such that the forum was the focal point of the allegedly tortious conduct. There was insufficient evidence that Burdick s Facebook page focused on California, that the allegedly defamatory posting was directed specifically at California residents, or that the persons or institutions to whom or which the posting was directed (Burdick s Facebook friends) resided in California. The Appellate Court vacated the Trial Court s Order finding of jurisdiction, and it directed the Trial Court to rule on whether plaintiffs should be allowed to conduct jurisdictional discovery to support a lawsuit against Burdick in California beyond his mere posting on Facebook. Steven M. Richard HIPAA Dentist pays $12,000 fine to Indiana AG for HIPAA and state law violations Dentist, Joseph Beck s license to practice dentistry was revoked by the Indiana Board of Dentistry in December of In March of 2013, he hired a private company to dispose of his patient records, spanning from , which included patients names, birth dates, Social Security numbers, medical records, insurance cards and information, and state ID numbers. Less than a week after the company retrieved the patient records from his office, a total of 63 boxes of his patient records were found in a dumpster in Indianapolis. The Indiana Attorney General s office retrieved the records and filed suit against Beck for improperly disposing the records. The AG stated that this file dump was an egregious violation of patient privacy and safety. The AG s suit against Beck alleged that he failed to protect the information, which, according to the Complaint, violated state privacy laws and HIPAA. Beck settled the case with the AG for $12,000. Just another example of why you can t throw sensitive paper records in the trash. Best practice is to shred paper records! Linn Foster Freedman
5 For more information, please contact: Linn Foster Freedman, Privacy & Data Protection Group Leader, at or Kathryn M. Sylvia at or Steven M. Richard at or NP Privacy Partner Blog Staying ahead in a data-driven world: insights from our Data Privacy & Security team.
Cyber Liability. AlaHA Annual Meeting 2013
Cyber Liability AlaHA Annual Meeting 2013 Disclaimer We are not providing legal advise. This Presentation is a broad overview of health care cyber loss exposures, the process in the event of loss and coverages
More informationGALLAGHER CYBER LIABILITY PRACTICE. Tailored Solutions for Cyber Liability and Professional Liability
GALLAGHER CYBER LIABILITY PRACTICE Tailored Solutions for Cyber Liability and Professional Liability Are you exposed to cyber risk? Like nearly every other business, you have probably capitalized on the
More informationProofpoint HIPAA Breach Report:
Proofpoint HIPAA Breach Report: An Analysis of HITECH Breach Notifications and Settlements, Q1 2013 Healthcare Industry Update threat protection compliance archiving & governance secure communication Contents
More informationMassachusetts Identity Theft/ Data Security Regulations
Massachusetts Identity Theft/ Data Security Regulations Effective March 1, 2010 Are You Ready? SPECIAL REPORT All We Do Is Work. Workplace Law. In four time zones and 45 major locations coast to coast.
More informationNOT TO BE PUBLISHED IN OFFICIAL REPORTS IN THE COURT OF APPEAL OF THE STATE OF CALIFORNIA FOURTH APPELLATE DISTRICT DIVISION THREE
Filed 5/28/15 Lopez v. Fishel Co. CA4/3 NOT TO BE PUBLISHED IN OFFICIAL REPORTS California Rules of Court, rule 8.1115(a), prohibits courts and parties from citing or relying on opinions not certified
More informationSubscribe to Credit Monitoring and/or Submit a Claim Form to get benefits. EXCLUDE YOURSELF
SUPERIOR COURT OF THE STATE OF CALIFORNIA, COUNTY OF ORANGE If you applied for health insurance through WellPoint / Anthem Blue Cross before March 10, 2010, you could get benefits from a class action settlement.
More informationPROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS
PROFESSIONAL RISK PRIVACY CLAIMS SCENARIOS The following claim scenarios are hypothetical and are offered solely to illustrate the types of situations that may result in claims. Although sorted by industry,
More informationCyber and Privacy Risk What Are the Trends? Is Insurance the Answer?
Minnesota Society for Healthcare Risk Management September 22, 2011 Cyber and Privacy Risk What Are the Trends? Is Insurance the Answer? Melissa Krasnow, Partner, Dorsey & Whitney, and Certified Information
More informationSUPERIOR COURT OF THE STATE OF CALIFORNIA COUNTY OF SANTA CLARA
SUPERIOR COURT OF THE STATE OF CALIFORNIA COUNTY OF SANTA CLARA GABRIEL JOHNSON, individually and on behalf of all others similarly situated, v. Plaintiffs, Case No. 1-09-CV-146501 CLASS ACTION Judge:
More informationDATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT
Advisor Article DATA SECURITY: A CRUCIAL TOPIC FOR CORPORATE COUNSEL AND MANAGEMENT By James R. Carroll, David S. Clancy and Christopher G. Clark* Skadden, Arps, Slate, Meagher & Flom Customer data security
More informationSmart Policies for Workplace Technologies Email, Blogs, Cell Phones & More
Smart Policies for Workplace Technologies Email, Blogs, Cell Phones & More By Lisa Guerin, J.D. Nolo, 2011, ISBN:1-4133-1326-0 Price $26.95, pp. 225 pages Reviewed by Nina T. Dow Journal of High Technology
More informationWhy Lawyers? Why Now?
TODAY S PRESENTERS Why Lawyers? Why Now? New HIPAA regulations go into effect September 23, 2013 Expands HIPAA safeguarding and breach liabilities for business associates (BAs) Lawyer is considered a business
More informationDATA PRIVACY ENFORCEMENT EFFORTS BY STATE ATTORNEYS GENERAL
DATA PRIVACY ENFORCEMENT EFFORTS BY STATE ATTORNEYS GENERAL State AGs have been very active in the leadership of data privacy protection initiatives across the country, and have dedicated considerable
More informationData Privacy: What your nonprofit needs to know. Donna Balaguer and Ed Lavergne Washington, D.C. February 5, 2015
Data Privacy: What your nonprofit needs to know Donna Balaguer and Ed Lavergne Washington, D.C. February 5, 2015 Overview 2 Data privacy versus data security Privacy polices and best practices Data security
More informationUnderstanding Professional Liability Insurance
Understanding Professional Liability Insurance Definition Professional liability is more commonly known as errors & omissions (E&O) and is a form of liability insurance that helps protect professional
More informationCase: 1:15-cv-00608 Document #: 1 Filed: 01/21/15 Page 1 of 5 PageID #:1
Case: 1:15-cv-00608 Document #: 1 Filed: 01/21/15 Page 1 of 5 PageID #:1 IN THE UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF ILLINOIS EASTERN DIVISION TRAVELERS CASUALTY AND SURETY COMPANY
More informationReducing Risk. Raising Expectations. CyberRisk and Professional Liability
Reducing Risk. Raising Expectations. CyberRisk and Professional Liability Are you exposed to CyberRisk? Like nearly every other business, you have likely capitalized on the advancements in technology today
More informationTHE DATA BREACH: How to stay defensible before, during and after the incident. after the incident.
THE DATA BREACH: How to stay defensible before, during and after the incident. after the incident. September 22, 2015 Erica Ouellette Beazley Technology, Media & Business Services Alyson Newton, Executive
More informationSINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry
SINGAPORE HEALTHCARE ENTERPRISE RISK MANAGEMENT CONGRESS 2014 - Data Breach : The Emerging Threat to Healthcare Industry DATA BREACH A FICTIONAL CASE STUDY THE FIRST SIGNS OF TROUBLE Friday, 5.20 pm :
More informationSMALL CLAIMS. Superior Court of New Jersey Law Division Special Civil Part Small Claims Section
SMALL CLAIMS Superior Court of New Jersey Law Division Special Civil Part Small Claims Section Small Claims page 1 T he Small Claims Section is a court in which you may sue someone (the defendant) to collect
More informationData Security Breaches: Learn more about two new regulations and how to help reduce your risks
Data Security Breaches: Learn more about two new regulations and how to help reduce your risks By Susan Salpeter, Vice President, Zurich Healthcare Risk Management News stories about data security breaches
More informationData Breach and Senior Living Communities May 29, 2015
Data Breach and Senior Living Communities May 29, 2015 Todays Objectives: 1. Discuss Current Data Breach Trends & Issues 2. Understanding Why The Senior Living Industry May Be A Target 3. Data Breach Costs
More informationDefense of State Employees: LIABILITY AND LAWSUITS. UNCW Office of General Counsel January 2010
Defense of State Employees: LIABILITY AND LAWSUITS UNCW Office of General Counsel January 2010 COMMON CAUSES OF ACTION (or what could we be sued for) Tort claims Contract claims Discrimination/Harassment
More informationMASSACHUSETTS IDENTITY THEFT RANKING BY STATE: Rank 23, 66.5 Complaints Per 100,000 Population, 4292 Complaints (2006) Updated January 17, 2009
MASSACHUSETTS IDENTITY THEFT RANKING BY STATE: Rank 23, 66.5 Complaints Per 100,000 Population, 4292 Complaints (2006) Updated January 17, 2009 Current Laws: Identity Crime: A person is guilty of identity
More informationManaging Cyber & Privacy Risks
Managing Cyber & Privacy Risks NAATP Conference 2013 NSM Insurance Group Sean Conaboy Rich Willetts SEAN CONABOY INSURANCE BROKER NSM INSURANCE GROUP o Sean has been with NSM Insurance Group for the past
More information3/13/2015 HIPAA/HITECH WHAT S YOUR COMPLIANCE STATUS? Daniel B. Mills Pretzel & Stouffer, Chartered WHAT IS HIPAA?
HIPAA/HITECH WHAT S YOUR COMPLIANCE STATUS? Daniel B. Mills Pretzel & Stouffer, Chartered WHAT IS HIPAA? 1 DEFINITIONS HIPAA Health Insurance Portability and Accountability Act of 1996 Primarily designed
More informationFfLED Superior Court Of California, Ii/21/20H
r 1 1 1 C. Brooks Cutter, SBN 0 William A. Kershaw SBN 0 John R. Parker, Jr., SBN 1 KERSHAW, CUTTER & RATINOFF, LLP 01 Watt Avenue Sacramento, CA Telephone: () -00 Facsimile: () - Robert A. Buccola, SBN
More informationIf You Shopped at Target from November 27 through December 18, 2013 or Received Notice That Your Personal Information Was Compromised,
UNITED STATES DISTRICT COURT FOR THE DISTRICT OF MINNESOTA If You Shopped at Target from November 27 through December 18, 2013 or Received Notice That Your Personal Information Was Compromised, You Could
More informationData Breach Response Basic Principles Under U.S. State and Federal Law. ABA Litigation Section Core Knowledge January 2015 1
Data Breach Response Basic Principles Under U.S. State and Federal Law ABA Litigation Section Core Knowledge January 2015 1 I. Introduction Data breaches have become an unfortunate reality for many of
More informationData Breach Response Planning: Laying the Right Foundation
Data Breach Response Planning: Laying the Right Foundation September 16, 2015 Presented by Paige M. Boshell and Amy S. Leopard babc.com ALABAMA I DISTRICT OF COLUMBIA I FLORIDA I MISSISSIPPI I NORTH CAROLINA
More informationA&E Briefings. Indemnification Clauses: Uninsurable Contractual Liability. Structuring risk management solutions
A&E Briefings Structuring risk management solutions Spring 2012 Indemnification Clauses: Uninsurable Contractual Liability J. Kent Holland, J.D. ConstructionRisk, LLC Professional consultants are judged
More informationDATA SECURITY HACKS, HIPAA AND HUMAN RISKS
DATA SECURITY HACKS, HIPAA AND HUMAN RISKS MSCPA HEALTH CARE SERVICES SEMINAR Ken Miller, CPA, CIA, CRMA, CHC, CISA Senior Manager, Healthcare HORNE LLP September 25, 2015 AGENDA 2015 The Year of the Healthcare
More informationStaying Out of Trouble: Key Privacy, Data Security, and Advertising Mistakes That Can Put You in the Enforcement Crosshairs
Staying Out of Trouble: Key Privacy, Data Security, and Advertising Mistakes That Can Put You in the Enforcement Crosshairs April 1, 2015 Reed Freeman Heather Zachary Overview Current State of the Market
More informationReflections on Ethical Issues In the Tripartite Relationship
Reflections on Ethical Issues In the Tripartite Relationship [click] By Bruce A. Campbell 1 Introduction In most areas of the practice of law, there are a number of ethical issues that arise on a frequent
More informationSecurity Breaches. There are unscrupulous individuals, like identity thieves, who want your information to commit fraud.
IDENTITY THEFT Security Breaches Our economy generates an enormous amount of data. Most users of that information are from honest businesses - getting and giving legitimate information. Despite the benefits
More informationHIPAA Compliance: Efficient Tools to Follow the Rules
Bank of America Merrill Lynch White Paper HIPAA Compliance: Efficient Tools to Follow the Rules Executive summary Contents The stakes have never been higher for compliance with the Health Insurance Portability
More informationIntroduction to Data Security Breach Preparedness with Model Data Security Breach Preparedness Guide
Introduction to Data Security Breach Preparedness with Model Data Security Breach Preparedness Guide by Christopher Wolf Directors, Privacy and Information Management Practice Hogan Lovells US LLP christopher.wolf@hoganlovells.com
More informationAre You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style.
Are You Still HIPAA Compliant? Staying Protected in the Wake of the Omnibus Final Rule Click to edit Master title style March 27, 2013 www.mcguirewoods.com Introductions Holly Carnell McGuireWoods LLP
More informationRecent Developments in Privacy/Security Litigation
Recent Developments in Privacy/Security Litigation Elizabeth F. Hodge February 25, 2015 Privacy & Security Enforcement HIPAA Office for Civil Rights State Attorneys General Federal Trade Commission (FTC)
More informationThe Evolving Legal Framework Regulating Commercial Data Security Standards
The Evolving Legal Framework Regulating Commercial Data Security Standards By Bret Cohen Late one evening in December 2010, an employee of a commercial blood bank left his office with four backup tapes
More informationIdentity Theft. What it is and How to Protect Yourself
Mark R. Herring Attorney General Commonwealth of Virginia Office of the Attorney General 900 East Main Street Richmond, Virginia 23219 (804) 786-2071 (Telephone) (804) 786-1991 (Facsimile) Identity Theft
More informationCyber Self Assessment
Cyber Self Assessment According to Protecting Personal Information A Guide for Business 1 a sound data security plan is built on five key principles: 1. Take stock. Know what personal information you have
More informationThe privacy of DataLogic CRM, Inc. s customers and affiliates is important to us. Therefore:
Privacy Policy DataLogic CRM, Inc. is committed to the security and privacy of our customer s data. This Privacy Policy explains our commitment to safeguarding our customers data and serves as our agreement
More informationCSR Breach Reporting Service Frequently Asked Questions
CSR Breach Reporting Service Frequently Asked Questions Quick and Complete Reporting is Critical after Data Loss Why do businesses need this service? If organizations don t have this service, what could
More informationHIPAA and Privacy Policy Training
HIPAA and Privacy Policy Training July 2015 1 This training addresses the requirements for maintaining the privacy of confidential information received from HFS and DHS (the Agencies). During this training
More informationInformation Security and Privacy. WHAT is to be done? HOW is it to be done? WHY is it done?
Information Security and Privacy WHAT is to be done? HOW is it to be done? WHY is it done? 1 WHAT is to be done? O Be in compliance of Federal/State Laws O Federal: O HIPAA O HITECH O State: O WIC 4514
More informationThis presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in
This presentation focuses on the Healthcare Breach Notification Rule. First published in 2009, the final breach notification rule was finalized in the HIPAA Omnibus Rule of 2013. As part of the American
More informationFinding a Cure for Medical Identity Theft
Finding a Cure for Medical Identity Theft A look at the rise of medical identity theft and what small healthcare organizations are doing to address threats October 2014 www.csid.com TABLE OF CONTENTS SUMMARY
More informationCOURT OF APPEAL, FOURTH APPELLATE DISTRICT DIVISION ONE STATE OF CALIFORNIA D051300
Filed 3/4/08; pub. order 3/14/08 (see end of opn.) COURT OF APPEAL, FOURTH APPELLATE DISTRICT DIVISION ONE STATE OF CALIFORNIA In re ALEJANDRO A., a Person Coming Under the Juvenile Court Law. THE PEOPLE,
More informationHIPAA/ HITECH HEALTH INSURANCE PORTABILITY ACCOUNTABILITY ACT. and. Health Information Technology for Economic and Clinical Health Act.
HIPAA/ HITECH HEALTH INSURANCE PORTABILITY and ACCOUNTABILITY ACT Health Information Technology for Economic and Clinical Health Act Revised 4/4/14 1 Your Accountability Quality Care Compliance Reputation
More informationThe Data Breach: How to stay defensible before, during and after the incident. Alex Ricardo, CIPP/US Breach Response Services
The Data Breach: How to stay defensible before, during and after the incident. Alex Ricardo, CIPP/US Breach Response Services What we are NOT doing today Providing Legal Advice o Informational Purposes
More informationMIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10)
MIT s Information Security Program for Protecting Personal Information Requiring Notification (Revision date: 2/26/10) Table of Contents 1. Program Summary... 3 2. Definitions... 4 2.1 Identity Theft...
More informationData Privacy and Cybersecurity Task Force
Data Privacy and Cybersecurity Task Force key contact Josephine Cicchetti Shareholder T: 202.965.8162 F: 202.965.8104 email We provide clients across industries with comprehensive counsel on complex, evolving,
More informationPRIVACY IMPACT ASSESSMENT
PRIVACY IMPACT ASSESSMENT Outsourced Litigation Support Services September 2013 FDIC External Service Table of Contents System Overview Personally Identifiable Information (PII) in OLSS Purpose & Use of
More informationPENNSYLVANIA IDENTITY THEFT RANKING BY STATE: Rank 14, 72.5 Complaints Per 100,000 Population, 9016 Complaints (2007) Updated January 29, 2009
PENNSYLVANIA IDENTITY THEFT RANKING BY STATE: Rank 14, 72.5 Complaints Per 100,000 Population, 9016 Complaints (2007) Updated January 29, 2009 Current Laws: A person commits the offense of identity theft
More informationTHARPE & HOWELL BUSINESS LAW NEWSLETTER
This Newsletter is brought to you by Tharpe and Howell s Commercial Litigation Practices Group. For more information, contact Robert Freedman, chair of the Group, or David Binder, partner in charge of
More informationSecurity Is Everyone s Concern:
Security Is Everyone s Concern: What a Practice Needs to Know About ephi Security Mert Gambito Hawaii HIE Compliance and Privacy Officer July 26, 2014 E Komo Mai! This session s presenter is Mert Gambito
More informationHIPAA: Bigger and More Annoying
HIPAA: Bigger and More Annoying Instructor: Laney Kay, JD Contact information: 4640 Hunting Hound Lane Marietta, GA 30062 (770) 312-6257 (770) 998-9204 (fax) laney@laneykay.com www.laneykay.com OFFICIAL
More informationCybersecurity Best Practices in Mortgage Banking. Article by Jim Deitch October 2015
Cybersecurity Best Practices in Mortgage Banking Article by Jim Deitch Cybersecurity Best Practices in Mortgage Banking BY JIM DEITCH Jim Deitch Recent high-profile cyberattacks have clearly demonstrated
More information-1- SECOND AMENDED COMPLAINT
VACHON LAW FIRM Michael R. Vachon, Esq. (SBN ) 0 Via Del Campo, Suite San Diego, California Tel.: () -0 Fax: () - Attorney for Plaintiff SUPERIOR COURT OF THE STATE OF CALIFORNIA COUNTY OF LOS ANGELES
More informationResponding to New Identity Theft Laws
Responding to New Identity Theft Laws March 2011 Privacy Expectations Today, there is increasing recognition that an individual has a legitimate interest in controlling the collection, use and disclosure/dissemination
More informationConsumers and Businesses May Claim Microsoft Settlement Benefits
SUPERIOR COURT FOR THE STATE OF CALIFORNIA, CITY AND COUNTY OF SAN FRANCISCO Consumers and Businesses May Claim Microsoft Settlement Benefits A court authorized this notice. This is not a solicitation
More informationIDENTITY THEFT IN SOUTH CAROLINA: 2014 UPDATE. Marti Phillips, Esq. Director, Identity Theft Unit South Carolina Department of Consumer Affairs
IDENTITY THEFT IN SOUTH CAROLINA: 2014 UPDATE Marti Phillips, Esq. Director, Identity Theft Unit South Carolina Department of Consumer Affairs This presentation is not meant to serve as a substitute for
More informationLessons Learned from Recent HIPAA and Big Data Breaches. Briar Andresen Katie Ilten Ann Ladd
Lessons Learned from Recent HIPAA and Big Data Breaches Briar Andresen Katie Ilten Ann Ladd Recent health care breaches Breach reports to OCR as of February 2015 1,144 breaches involving 500 or more individual
More informationAttorney for Plaintiff SUPERIOR COURT OF THE STATE OF CALIFORNIA LOS ANGELES COUNTY CENTRAL DISTRICT STANLEY MOSK COURTHOUSE
VACHON LAW FIRM Michael R. Vachon, Esq. (SBN ) 0 Via Del Campo, Suite San Diego, California Tel.: () -0 Fax: () - Attorney for Plaintiff SUPERIOR COURT OF THE STATE OF CALIFORNIA LOS ANGELES COUNTY CENTRAL
More informationInsurance Coverage In Consumer Class Actions
This article first appeared in the October 2010 issue of The Corporate Counselor. Insurance Coverage In Consumer Class Actions John W. McGuinness and Justin F. Lavella The business world is an increasingly
More informationHIPAA BREACH NOTIFICATION REQUIREMENTS. Heman A. Marshall, III July 25, 2014
1 HIPAA BREACH NOTIFICATION REQUIREMENTS Heman A. Marshall, III July 25, 2014 2 SCENARIO FOR VBA SUMMER MEETING The Medical Marijuana Growers Association (MMGA) Health Plan, which is a self-fund plan,
More informationCyber-Crime Protection
Cyber-Crime Protection A program of cyber-crime prevention, data breach remedies and data risk liability insurance for houses of worship, camps, schools, denominational/association offices and senior living
More informationCreditor Lawsuits Handbook
Creditor Lawsuits Handbook In Magisterial District Court A Handbook for people dealing with creditor lawsuits, including information on such suits and common defenses. Revised July 2009 Introduction This
More informationHow to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised
ACE USA Podcast Released June 24, 2010 How to Respond When Sensitive Customer and Employee Data is Breached, Stolen or Compromised Moderator: Richard Tallo Senior Vice President, ACE North America Marketing
More informationBIG DATA AND INSURANCE SYMPOSIUM
BIG DATA AND INSURANCE SYMPOSIUM ATTORNEY GENERAL GEORGE JEPSEN UNIVERSITY OF CONNECTICUT SCHOOL OF LAW APRIL 3, 2014 (REVISED FOR PUBLICATION) *** This Article reproduces the keynote address delivered
More informationHIPAA Omnibus Rule Overview. Presented by: Crystal Stanton MicroMD Marketing Communication Specialist
HIPAA Omnibus Rule Overview Presented by: Crystal Stanton MicroMD Marketing Communication Specialist 1 HIPAA Omnibus Rule - Agenda History of the Omnibus Rule What is the HIPAA Omnibus Rule and its various
More informationEARLY CARE & EDUCATION LAW UNIT WHAT YOU NEED TO KNOW ABOUT SMALL CLAIMS COURT
EARLY CARE & EDUCATION LAW UNIT Publication Date: November 2013 WHAT YOU NEED TO KNOW ABOUT SMALL CLAIMS COURT In the operation of your child care business you may encounter problems which force you to
More informationWritten Information Security Programs: Compliance with the Massachusetts Data Security Regulation
View the online version at http://us.practicallaw.com/7-523-1520 Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP
More informationEmployee Relations. Howard S. Lavin and Elizabeth E. DiMichele
VOL. 34, NO. 4 SPRING 2009 Employee Relations L A W J O U R N A L Split Circuits Does Charging Party s Receipt of a Right-to-Sue Letter and Commencement of a Lawsuit Divest the EEOC of its Investigative
More informationThe Age of Data Breaches:
The Age of Data Breaches: HOW TO AVOID BEING THE NEXT HEADLINE MARCH 24, 2015 2015 Epstein Becker & Green, P.C. All Rights Reserved. ebglaw.com This presentation has been provided for informational purposes
More informationWritten Information Security Programs: Compliance with the Massachusetts Data Security Regulation
Written Information Security Programs: Compliance with the Massachusetts Data Security Regulation Melissa J. Krasnow, Dorsey & Whitney LLP A Note discussing written information security programs (WISPs)
More informationBrief. The BakerHostetler Data Security Incident Response Report 2015
Brief The BakerHostetler Data Security Incident Response Report 2015 The rate of disclosures of security incidents in 2015 continues at a pace that caused many to call 2013 and then 2014 the year of the
More informationTenth Judicial Circuit of Florida Information Systems Acceptable Use Guidelines Polk, Hardee and Highlands Counties as of January 2014
Tenth Judicial Circuit of Florida Information Systems Acceptable Use s Polk, Hardee and Highlands Counties as of January 2014 The following guidelines define the acceptable use of information technology
More informationIN THE COURT OF APPEALS OF INDIANA
FOR PUBLICATION ATTORNEYS FOR APPELLANT: RICK D. MEILS WILLIAM M. BERISH JOHN W. MERVILDE Meils Thompson Dietz & Berish Indianapolis, Indiana ATTORNEY FOR APPELLEES: JUSTIN STIMSON Bloomington, Indiana
More informationNOTICE OF CLASS ACTION SETTLEMENT GRECO V. SELECTION MANAGEMENT SYSTEMS, INC. San Diego Superior Court Case No. 37-2014-00085074-CU-BT-CTL
NOTICE OF CLASS ACTION SETTLEMENT GRECO V. SELECTION MANAGEMENT SYSTEMS, INC. San Diego Superior Court Case No. 37-2014-00085074-CU-BT-CTL The Superior Court has authorized this notice. This is not a solicitation
More informationTexas Medical Records Privacy Act (a.k.a. Texas House Bill 300)
Texas Medical Records Privacy Act (a.k.a. Texas House Bill 300) Ricky Link, Coalfire ISACA North Texas and IIA Fort Worth Chapters The Petroleum Club of Fort Worth March 4, 2014 1 About Coalfire Coalfire
More informationWhere s the App for That?
Where s the App for That? Mobile Medical Apps, Cybersecurity and the Regulatory and Litigation Landscape Sharon R. Klein Jan P. Levine Angelo A. Stio, III PBI Health Law Institute 2016 Spring 2016 1 Today
More informationHIPAA Update Presented by:
HIPAA Update Presented by: www.thehealthlawfirm.com Main Office: 1101 Douglas Avenue Altamonte Springs, FL 32714 Phone: (407) 331-6620 Fax: (407) 331-3030 Website: www.thehealthlawfirm.com Today s Lecturers:
More informationMedicaid Enterprise Systems Conference 2012
Medicaid Enterprise Systems Conference 2012 Best Practices for Using HIT and HIEs to Keep PHI Secure in an Increasingly Mobile and Technical World Presenters: Charles Sutton, Senior Executive Health Product
More informationIDENTITY THEFT: DATA SECURITY FOR EMPLOYERS. Boston, MA 02110 Richmond, Virginia 23219 Tel. (617) 502.8238 Tel. (804) 783.7579
IDENTITY THEFT: DATA SECURITY FOR EMPLOYERS Daniel J. Blake, Esq. Vijay K. Mago, Esq. LeClairRyan, A Professional Corporation LeClairRyan, A Professional Corporation One International Place, Eleventh Floor
More informationB. Terms of Agreement; Google Terms of Service; Conflicting Provisions
OHSU Email Address for Life Terms and Conditions These Terms and Conditions govern your activation, receipt, and use of an @alumni.ohsu.edu email account. Activating an @alumni.ohsu.edu email account constitutes
More informationSUPERIOR COURT FOR THE COUNTY OF ALAMEDA
If there was a debt on your credit report based on an alleged shoplifting incident at a Nordstrom Store, a class action lawsuit may affect your rights. A court authorized this Notice. This is not a solicitation
More informationHIPAA Omnibus Rule Practice Impact. Kristen Heffernan MicroMD Director of Prod Mgt and Marketing
HIPAA Omnibus Rule Practice Impact Kristen Heffernan MicroMD Director of Prod Mgt and Marketing 1 HIPAA Omnibus Rule Agenda History of the Rule HIPAA Stats Rule Overview Use of Personal Health Information
More informationCybersecurity and Privacy 2015: Presentation to Institute of International Bankers
Cybersecurity and Privacy 2015: Presentation to Institute of International Bankers Sue Ross Senior Counsel Norton Rose Fulbright US LLP October 27, 2015 Speaker Sue Ross Senior Counsel Norton Rose Fulbright
More informationNEW JERSEY JUDICIARY SMALL CLAIMS. Superior Court of New Jersey Law Division Special Civil Part Small Claims Section
NEW JERSEY JUDICIARY SMALL CLAIMS Superior Court of New Jersey Law Division Special Civil Part Small Claims Section Small Claims page 1 The small claims section is a court in which you can sue a person
More informationD.C., A MINOR V. HARVARD-WESTLAKE SCH., 98 Cal. Rptr. 3d 300. Plaintiff D.C., a student, appealed a Los Angeles Superior Court decision in favor of
D.C., A MINOR V. HARVARD-WESTLAKE SCH., 98 Cal. Rptr. 3d 300 Raquel Rivera Rutgers Conflict Resolution Law Journal November 22, 2010 Brief Summary: Plaintiff D.C., a student, appealed a Los Angeles Superior
More information(1) It was something fairly and naturally incidental to the employer's business assigned to the employee; and
Employer Liability for Employee Conduct by Lisa Mann 05-01-2000 EMPLOYER LIABILITY FOR EMPLOYEE CONDUCT: When Does An Employer Have to Pay? by Lisa Mann Modrall, Sperling, Roehl, Harris & Sisk, P.A. Employers
More informationClient Education. Learn About Identity Theft
Client Education Learn About Identity Theft 2 What is identity theft? 6 Detecting identity theft 10 Minimizing your risk 14 What to do if you re a victim The Federal Trade Commission (FTC) estimates that
More information2013 IL App (1st) 120546-U. No. 1-12-0546 IN THE APPELLATE COURT OF ILLINOIS FIRST JUDICIAL DISTRICT
2013 IL App (1st) 120546-U Third Division March 13, 2013 No. 1-12-0546 NOTICE: This order was filed under Supreme Court Rule 23 and may not be cited as precedent by any party except in the limited circumstances
More informationUnderstanding. your Cyber Liability coverage
Understanding your Cyber Liability coverage TEXAS MEDICAL LIABILITY TRUST 901 S. Mopac Expressway Barton Oaks Plaza V, Suite 500 Austin, TX 78746-5942 P.O. Box 160140 Austin, TX 78716-0140 800-580-8658
More informationIf You Paid Overdraft Fees to M&T Bank, You May Be Eligible for a Payment from a Class Action Settlement.
UNITED STATES DISTRICT COURT FOR THE SOUTHERN DISTRICT OF FLORIDA If You Paid Overdraft Fees to M&T Bank, You May Be Eligible for a Payment from a Class Action Settlement. A federal court authorized this
More informationIf You Paid for the Antibiotic Cipro in California You Could Get Money from a Class Action Settlement
SUPERIOR COURT OF THE STATE OF CALIFORNIA COUNTY OF SAN DIEGO If You Paid for the Antibiotic Cipro in California You Could Get Money from a Class Action Settlement A court authorized this Notice. This
More informationIf You Were Sent a Text Message from The Western Union Company, You May Be Entitled to a Payment from a Class Action Settlement.
UNITED STATES DISTRICT COURT FOR THE NORTHERN DISTRICT OF ILLINOIS If You Were Sent a Text Message from The Western Union Company, You May Be Entitled to a Payment from a Class Action Settlement. A federal
More informationSangamon County Circuit Clerk s Office. Small Claims Court Manual. Updated March 2008
Sangamon County Circuit Clerk s Office Small Claims Court Manual Small Claims Court Manual 1 The purpose of this guide is to explain, in simple language, the workings of the Small Claims Court in Sangamon
More information