OR PHONE (866) 635-1838 for Bankruptcy Help, (866) 635-6190 for Divorce,
(866) 635-2689 for Personal Injury or (866) 635-9402 for Criminal Defense

Find a Local Lawyer

Bankruptcy (866) 635-1838
Divorce (866) 635-6190
Personal Injury (866) 635-2689
Criminal Defense (866) 635-9402

Legal Niches

The Privacy and Security Law Blog The Privacy and Security Law Blog

Daily analysis of data security and privacy issues.

Post Frequency: 4.1/day

Last Entry: December 18, 2014 at 17:37:31

Recent Entries: 342

Track this blog ()

Go to The Privacy and Security Law Blog, find other Legal Niches blogs, or browse all law blogs.

This Blog Only All Blogs


Congress Funds Cybersecurity: Spending Bill Allocates over $1 Billion to Cybersecurity

Posted on December 18, 2014
The final spending bill of the 113th Congress, which keeps the government doors open until September 30th of 2015, was passed by the House on December 11th, the Senate on the 13th, and signed by the President on December 16th. It is a $1.1 trillion omnibus spending bill that will direct well over $1 billion toward cybersecurity...

Congress Confirms NIST?s Role in Cybersecurity ? and the Continuation of the Cybersecurity Framework

Posted on December 18, 2014
The Cybersecurity Enhancement Act of 2014 (CEA) was passed by the House and the Senate on December 11th, and signed by the President on the 18th. The bill formalizes the role of the National Institute for Standards and Technology (NIST) in continuing to develop the voluntary Cybersecurity Framework...

Congress Passes Cybersecurity Workforce Legislation

Posted on December 18, 2014
The Border Patrol Agent Pay Reform Act of 2014 was passed by the Senate on September 18th, by the House on December 10th, and signed by the President on December 18th. It contains provisions from the Cybersecurity Workforce Recruitment and Retention Act of 2014, which allows the Secretary of the Department of Homeland Security (DHS) to establish cybersecurity positions within DHS to better meet its cybersecurity mission...

Congress Passes The Federal Information Security Modernization Act of 2014: Bringing Federal Agency Information Security into the New Millennium

Posted on December 18, 2014
The Federal Information Security Modernization Act of 2014 (FISMA) was passed by the Senate on December 8th, by the House on December 10th, and by the President on December 18th. It is a comprehensive bill intended to bring federal agency information security practices into the new millennium ? to better respond to evolving cybersecurity threats...

To access this complete feed in the blog feed reader login or register for free.

Congress Passes the National Cybersecurity Protection Act: Codifies National Cybersecurity Center & Creates Federal Agency Data Breach Notification Law

Posted on December 18, 2014
The National Cybersecurity Protection Act of 2014 (NCPA) was passed by the House on December 8th, by the Senate on December 10th, and signed by the President on December 18th. Senate Committee on Homeland Security and Governmental Affairs Chairman Tom Carper (D-Del...

Cybersecurity Legislation Focuses on Federal Government Initiatives ? Leaves Private Sector Reforms for 2015

Posted on December 18, 2014
One of the few things the parties in Congress can agree upon these days is cybersecurity ? at least when it comes to directing the federal government?s cyber activities. In its final days, the 113th Congress reached agreement on several major pieces of legislation intended to improve the nation?s cybersecurity: the National Cybersecurity Protection Act of 2014, the Federal Information Security Modernization Act of 2014, the Border Patrol Agent Pay Reform Act of 2014 (a bill that contains provisions from the Department of Homeland Security (DHS) Cybersecurity Workforce Recruitment and Retention Act of 2014), the Cybersecurity Workforce Assessment Act, and the Cybersecurity Enhancement Act of 2014...

Advisory Alert: Latest HIPAA Settlement

Posted on December 17, 2014
Compliance is an Ongoing Process The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) issued its first settlement under new OCR Director Jocelyn Samuels earlier this month. This latest settlement serves as a reminder that a successful privacy and security compliance program is an ongoing process...

Advisory Alert: Refill Reminders and the TCPA

Posted on December 05, 2014
The Telephone Consumer Protection Act (?TCPA?) presents another challenge as health care providers continue to engage patients and seek to meet Meaningful Use reminder objectives. Over the past year, there have been several class action suits alleging pharmacies? prescription refill reminders violated TCPA...

State AGs Looking to Crack Down on Telemarketers Press FCC and FTC

Posted on December 05, 2014
A majority of the nation?s state and territorial Attorneys General have collectively urged the Federal Communications Commission and Federal Trade Commission to revisit rules and policies in ways that would help law enforcement crack down on telemarketing practices...

Is Your Website Ready for California?s ?Minor Eraser? Law?

Posted on December 01, 2014
Starting on Jan. 1, 2015, California?s new ?Minor Eraser? law goes into effect and allows minors in California to remove content or information that they have posted as a registered user on a website, online service, online application or mobile application (collectively, an ?online service?)...

Encryption and Securing BYO Devices at the Heart of Massachusetts AG $100,000 Settlement

Posted on November 25, 2014
The Massachusetts Attorney General announced Friday that her office had reached a settlement with Beth Israel Deaconess Medical Center (BIDMC) surrounding a 2012 data breach in which a physician?s unencrypted personal laptop containing patient and employee information was stolen from BIDMC?s grounds...

AgeCheq, Inc. Looking for Second Bite at the Parental Consent Apple

Posted on November 25, 2014
FTC Denies Company?s First Proposed COPPA Parental Consent Method, Seeks Public Comment on Second Proposal The Federal Trade Commission announced that it has denied AgeCheq, Inc.?s proposed verifiable parental consent method application, which relied on existing verifiable consent methods but also utilized a third-party common consent administrator to allow for consent across multiple devices (see our discussion here)...

Preparing for HIPAA Compliance Audits

Posted on November 24, 2014
The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), the office responsible for administering and enforcing the Health Insurance Portability and Accountability Act of 1996 (HIPAA), will continue to audit HIPAA covered entities and business associates in 2015...

Advisory Alert: California?s ?Online Eraser? Law for Minors to Take Effect Jan. 1, 2015

Posted on November 17, 2014
On Jan. 1, 2015, California?s ?Online Eraser? law will take effect, requiring websites and other online service operators to delete on demand any content posted by minors. The law also prohibits such operators from sharing minors? personal information with third parties for the purpose of marketing particular products or services to them...

Advisory Alert: Ebola or Not, Patient Privacy Must Be Protected

Posted on November 12, 2014
In the wake of the recent Ebola cases, the U.S. Department of Health and Human Services? (HHS) Office for Civil Rights (OCR) hasissued a new bulletin reminding HIPAA-covered entities and their business associates that the requirements of the HIPAA Privacy Rule still apply when sharing protected health information (PHI), even in emergency situations...

Federal Financial Institutions Examination Council Releases Cybersecurity Assessment Results: Boards of Directors and Senior Management Need to Engage

Posted on November 05, 2014
The Federal Financial Institutions Examination Council (FFIEC) released general observations yesterday from a cybersecurity assessment of over 500 community financial institutions. The cybersecurity assessment evaluated the institutions? preparedness to mitigate cyber risks...

FCC Reaffirms Fax Ads Sent With Recipients? Prior Permission Require Opt-Out Notice

Posted on October 31, 2014
But Grants Retroactive Waivers to Petitioners Who Sent Permission-Based Faxes Without Opt-Out Notices The Federal Communications Commission has issued an Order sustaining its rule that even ads faxed with the permission of the recipient must include a notice with instructions for how to opt out of future faxes...

California Attorney General Releases Breach Report with Key Findings and Recommendations for Retailers, Financial Institutions and Health Care Sectors

Posted on October 29, 2014
California Attorney General Kamala D. Harris has released a ?California Data Breach Report,? which presents a series of findings and recommendations based on a review of breaches reported to the Attorney General?s office in 2012 and 2013. It should come as no surprise that breaches are on the rise, but the Attorney General?s analysis of the reported breaches outlines the root causes of these breaches on an industry basis and recommends best practices to address the sources of those breaches...

Advisory Alert: CMS Reopens the Medicare Payment Adjustment Hardship Exception Application Submission Period for Certain Providers and Hospitals

Posted on October 29, 2014
Centers for Medicare & Medicaid Services (CMS) recentlyannouncedthe reopening of the submission period for hardship exception applications for eligible professionals and eligible hospitals that have been unable to fully implement 2014 Edition Certified Electronic Health Record Technology (CEHRT) due to availability delays...

Improving Data Breach Security, from the Customer?s Wallet on Up: In Wake of Massive Breaches, It May be Time to Consider Enhancing Customer Security with Chip-Embedded Payment Cards

Posted on October 29, 2014
In early September, Home Depot announced that it had suffered a severe security incident, which resulted in a massive data breach that exposed the payment card information of Home Depot customers across the United States and Canada. The home improvement retailer later confirmed that the breach was the result of malware designed by hackers to evade the company?s security measures, and which subsequently compromised the integrity of its sales register systems...

?Th-th-th-that?s All, Folks!? Federal Judge Dismisses Class Action against Cartoon Network, Finds Anonymous User IDs Don?t Qualify as Personal Information under VPPA

Posted on October 29, 2014
On October 8, Georgia Federal District Judge Thomas Thrash, Jr., dismissed a putative class action against The Cartoon Network, Inc., where the plaintiff alleged that the animation company violated the Video Privacy Protection Act (?VPPA?) by sharing its mobile app users? data with third parties without consent...

Chip-and-PIN is Coming?To the US Government

Posted on October 20, 2014
Last Friday, in the wake of numerous data breaches, President Obama signed a new Executive Order that will change how federal agencies use payment cards and allow access to certain government portals. Those changes include the adoption of chip-and-PIN (also known as EMV) payment terminals and cards, and the implementation of multi-factor authentication on digital applications where consumers can access personal information...

Second Circuit Adopts FCC?s Narrow Construction of ?Implied? Express Consent for Autodialed Calls to Cell Phones

Posted on October 20, 2014
This updates our report last summer on a Federal Communications Commission (FCC) letter brief filed at the invitation of the U.S. Court of Appeals for the Second Circuit in Nigro v. Mercantile Adjustment Bureau, which observed the FCC taking a noticeably less generous view of its then-recent declaratory rulings on whether consumer provision of a cell number is deemed consent to autodial it under the Telephone Consumer Protection Act (TCPA)...

Advisory: California Extends Its Medical Data Breach Notification Requirement From 5 to 15 Days

Posted on October 13, 2014
On Sept. 18, 2014, California?s governor approvedAssembly Bill 1755, extending California?s stringent breach notification deadline for medical information breaches from five business days to 15 business days for clinics, health facilities, home health agencies, and hospices...

Eleventh Circuit Reverses Refusal to Honor FCC?s TCPA Debt Collection Declaratory Ruling, Fosters Uniformity on TCPA?s Autodialing Exception

Posted on October 02, 2014
The U.S. Court of Appeals for the Eleventh Circuit has brought a bit of legal balance back to automated debt collection calls, and reminded lower courts that when it comes to claims under the Telephone Consumer Protection Act (TCPA), they must honor the validity of FCC rulings...

Google Street View Plaintiffs on the Hunt for ?a Needle in a Haystack? to Demonstrate Standing, but District Court Grants Plaintiffs Greater Role in Examination of Google?s Data

Posted on October 01, 2014
Back in April, Google filed a Petition for Certiorari with the U.S. Supreme Court in the Street View case, seeking review of the Ninth Circuit?s decision holding that unencrypted Wi-Fi signals are protected from interception by the federal Wiretap Act...

Advisory: Starting Oct. 6, Patients Can Access Test Reports Directly From Clinical Laboratories

Posted on October 01, 2014
On Oct. 6, 2014, afinal ruleissued jointly by the Centers for Medicare & Medicaid Services (CMS), Centers for Disease Control and Prevention (CDC), and Office for Civil Rights (OCR) will require all HIPAA-covered labs (i.e., labs that conduct certain electronic transactions, such as electronic submission of claims) to provide individuals with direct access to completed test reports and other protected health information (PHI) maintained about the individual...

Collecting Children?s Information is No Tiny Matter: Yelp, TinyCo Enter Expensive Settlements to Resolve Alleged App-Based COPPA Violations

Posted on September 24, 2014
The Federal Trade Commission recently announced it entered settlements with Yelp, Inc., and TinyCo, Inc., stemming from charges that both companies collected personal information from children under 13 years of age in violation of the Children?s Online Privacy Protection Act (COPPA) Rule...

Ninth Circuit Confirms Consultants and Other Middlemen May Be Vicariously Liable Under the TCPA

Posted on September 24, 2014
The U.S. Court of Appeals for the Ninth Circuit issued a decision in Gomez v. Campbell-Ewald Company holding that the defendant marketing consultant could be liable under the Telephone Consumer Protection Act (TCPA) for unsolicited text messages that it arranged for a separate third-party to send on behalf of a client, the U...

Advisory: CMS Issues Final Rule Providing Flexibility for Providers Unable to Fully Implement 2014 Technology to Demonstrate Meaningful Use in 2014

Posted on September 23, 2014
In response to providers being unable to fully implement 2014 Edition certified electronic health record technology (CEHRT) due to limited availability, CMS adoptedchanges proposed earlier this yearthrough afinal ruleallowing additional options for the 2014 reporting period and amending the meaningful use stage timeline...

Bloggers, promote your law blog by nominating your blog for inclusion in USLaw.com's Law Blog Directory and RSS Reader. Benefits described.
Related Law Bulletins

Related Law Articles

Related Law Questions
Related Searches

US Law
#1 Online Legal Resource

Your Blog Subscriptions
Subscribe to blogs

10,000+ Law Job Listings
Lawyer . Police . Paralegal . Etc
Earn a law-related degree
Are you the author of this blog? Adding USLaw.com to your Blogroll increases relevance. You qualify to display a USLaw Network badge.
Suggest changes to this blog's description or nominate another for inclusion. Register for updates.

Practice Area
Zip Code:

Contact a Lawyer Now!


1.1466 secs (from cache 12/19/14 03:07:01)