Tag Archives: data

Two Northeast States Update Breach Notification Statutes – CT & VT

In the last month both Vermont and Connecticut updated their existing breach notification statutes, highlighting the need to closely monitor state legislatures, particularly end of session happenings. Each modification highlights the growing trend of states requiring notification to the state's attorney general, under often new compressed timeframes. … Continue Reading

NLRB Holds “Facebook” Firing Justified on Alternative Grounds, but Finds Policy Unlawful

As we have discussed on our blog, the National Labor Relations Board (NLRB) has continued a campaign of enforcement actions against employers who, according to the NLRB, have unlawfully terminated employees for discussing working conditions on social media. As we reported, in the first of such "Facebook" enforcement actions to come before an NLRB administrative judge, the employer was ordered to reinstate five employees and to pay back their wages. On September 28, 2011, in the second "Facebook" case to reach an NLRB administrative judge, an employer was found to have been justified in terminating an employee car salesman for Facebook postings that mocked the employer and did not concern working conditions … Continue Reading

Additional Law Enforcement Group Endorses PCIPA’s 18-Month Mandatory IP Address Retention for ISPs

In the wake of the H.R. 1981, the “Protecting Children from Internet Pornographers Act of 2011 (PCIPA), proposed May 25, 2011 by U.S. Representatives Lamar Smith (R-Texas), the head of the House Judiciary Committee, and Debbie Wasserman Schultz (D-Fla.), the National Sheriffs’ Association, a organization representing 3,000+ Sheriff’s offices around the country, announced in testimony … Continue Reading

“Privacy by Design”: A Key Concern for VCs and Start-Ups

(co-authored by Nicole Friess, Esq.) The privacy landscape appears to be shifting toward a model that promotes greater consumer awareness of and control over data. Reflecting its consumer protection mission, the FTC’s Protecting Consumer Privacy in an Era of Rapid Change issued December 1, 2010 urges companies to adopt a "privacy by design" approach. Senators … Continue Reading

Kerry Releases Draft of “Privacy Bill of Rights”

A week after the Senate held a hearing on the state of online consumer privacy, Senator John Kerry (D-Mass) has published a draft of the "Commercial Privacy Bill of Rights Act of 2011." The Act, co-sponsored by Senator John McCain (R-Ariz.), directs the FTC to make rules requiring certain entities that handle information covered by … Continue Reading

FAQ on the “BEST PRACTICES Act” – Part Two

We recently published the first part of our FAQ series on Congressman Bobby Rush's new data privacy bill known as "Building Effective Strategies to Promote Responsibility Accountability Choice Transparency Innovation Consumer Expectations and Safeguards Act (a.k.a. "BEST PRACTICES Act" or "Act"). In Part One we looked at some of the key definitions and requirements concerning transparency, notice and individual choice, mandates around accuracy, access and dispute resolution, and finally data security and data minimization requirements under the Act. Part Two will focus on the "Safe Harbor" outlined in the Act, various exemptions for de-identified information and application and enforcement. … Continue Reading

Health Net Agrees to $250,000 Fine and “Corrective Action Plan” to Settle Loss of PHI

It didn’t take long for an Attorney General to latch onto Title XII of the American Recovery and Reinvestment Act of 2009 (a/k/a the Health Information Technology for Economic and Clinical Health Act [the HITECH Act]) in order to convince a covered entity to enter a data loss-related settlement.  Indeed, Heath Net of the North … Continue Reading

SearchSecurity.com Interview on the Data Accountabilituy and Trust Act

For those interested, I was recently interviewed by SearchSecurity.com concerning the Data Accountability and Trust Act ("DATA") passed in the House in December 2009.  While I might not be cut out for a career in broadcasting, hopefully the information I provided is useful.  If you would like more information, the Information Law Group has written … Continue Reading

The Breach Notification Obligations in the Data Accountability and Trust Act

The Information Law Group has been following various Federal data security bills as they wind their way through the House and Senate.  In December 2009, the Information Law Group commented on the passage of the Data Accountability and Trust Act ("DATA") by the House.  I was recently asked by Data Protection Law and Policy (an excellent … Continue Reading