Our experienced team views data breach response as a joint effort in partnership with the client where the client’s philosophy, brand and customer base are considered integral in reconciling compliance with the numerous, and often competing, laws and regulations. [...]
A MASSACHUSETTS HEALTH CARE PROVIDER AGREED TO PAY $1.5 MILLION TO SETTLE A HIPAA PRIVACY VIOLATION
HHS’ Office of Civil Rights announced this week that a Mass. health care provider will pay a $1.5 million settlement to resolve a HIPAA privacy violation. http://www.hhs.gov/ocr/privacy/hipaa/enforcement/examples/meei-agreement.html. The monetary settlement is part of a resolution agreement and the result of the alleged 2010 theft of a laptop computer that held 3,621 patient records. The … Continue reading
Dropbox Sued for Data Breach – Plaintiff Seeks Class Action
In May, we discussed the FTC’s investigation of whether Dropbox encrypts data stored according to industry best practices in order to decrease the risk of data breach and identity theft to its customers. On June 20th, Dropbox announced that after a code change, it discovered that it had accidentally turned off password authentication for its … Continue reading
FTC Called to Investigate Security of Dropbox
Cloud storage services are used daily by businesses to share proposals, invoices, important confidential documents, etc. Cloud storage services are also used to share personal information amongst family and friends, including photos, receipts, travel plans, etc. With the recent high profile attacks on data, the Federal Trade Commission (“FTC”) has been called to investigate Dropbox, the popular cloud storage service … Continue reading
Everyone is Jumping into the Location-Based Tracking Privacy Debate
Recently, we learned that Apple may track users’ location in hidden files on iPhones and iPads. Google and Microsoft may be doing something similar. Senator Patrick Leahy (D-VT), Chairman of the Judiciary Committee, recently introduced a Bill called the Electronic Communications Privacy Act Amendments of 2011 [.pdf] that would amend the Electronic Communications Privacy Act. The legislation would require the … Continue reading
The FTC Settles Violations of the Children’s Online Privacy Protection Act for $3M
The FTC announced on May 12, 2011 that it has reached the largest civil penalty settlement of the Children’s Online Privacy Protection Act (COPPA) with Playdom (now owned by Disney) for $3M. Playdom, an online game developer, was accused of collecting and disclosing the information about hundreds of thousands of children under 13 without the parental consent. The websites were previously … Continue reading
Responding to Breach of Employee Information Can Be Challenging
Responding to breaches involving employee information can be challenging, primarily because the affected employees see other affected colleagues at the coffee station, in the lunch room, or even walking down the hallway. Unlike most breaches, the affected employees have more opportunity to talk about a breach event with others affected. Also, whether legitimate or not, … Continue reading