Looking further at the crystal ball and what may catch our attention in 2013, let’s consider Privilege. Assume a breach of PII from an organization. The internal investigation team is likely to consist of in-house counsel, an IT group and a “C-suite” executive. Are communications with in-house counsel privileged? As with most things, it depends – on the jurisdiction and whether the communications… Continue Reading
Category Archives: Privacy
Subscribe to Privacy RSS FeedBack to School: Are Schools Making the Grade in Cyber Security? Our Webinar Series Continues on September 6
Posted in Cyber Breach, Education, Insurance, Privacy, WebinarJoin us on September 6, 2012 at 10:00 C.S.T. for “Back to School: Are Schools Making the Grade in Cyber Security,” the fifth webinar in our Webinar Series on Cyber and Privacy Breaches and their Insurance Impact Our September 6 webinar addresses cyber and privacy risks for schools, as well as the insurance issues presented… Continue Reading
Pulling the Plug: Cyber Risks and the Energy & Utilities Industries — Our Cyber & Privacy Webinar Series Continues May 22
Posted in Energy, Insurance, Privacy, Utilities, WebinarJoin us on May 22, 2012 at 10:00 C.S.T. for “Pulling the Plug: Cyber Risks and the Energy & Utilities Industries,” the fourth webinar in our Webinar Series on Cyber and Privacy Breaches and their Insurance Impact Our May 22 webinar addresses cyber and privacy risks for the energy and utilities industries, as well as… Continue Reading
Reminder: Webinar Series on Cyber & Privacy Breaches & Their Insurance Impacts Starts October 4
Posted in Breach Notification Laws, Coverage, Insurance, Privacy, Privacy LegislationOur webinar series on cyber and privacy breaches and their insurance impacts begins on October 4, 2011 at 10:00 C.S.T. with the introductory presentation Cyber Data: If You Use It, Don’t Lose It: An Introduction to Cyber and Privacy Breaches and Their Insurance Impact. You can still register here for this complimentary webinar. See you… Continue Reading
UPDATE: Privacy Concerns Delay Borders Bankruptcy
Posted in FTC, Privacy, RetailUPDATE: The Borders bankruptcy judge approved the $13.9 million sale of Borders’ IP assets to Barnes & Noble after the parties agreed to provide Borders customers with email notification of the sale and 15 days to opt-out of the transfer. The parties will also run an advertisement in USA Today providing information on the opt-out… Continue Reading
HHS Issues its First Annual Report to Congress on HIPAA Compliance
Posted in Health Records Privacy, Healthcare, HIPPA, physician, Privacy, Privacy LegislationAs required by the HITECH Act, the Department of Health and Human Services (“HHS”) in August issued its first annual report to Congress regarding compliance with the HIPAA Privacy and Security Rules. The HIPAA Privacy Rule established national standards to protect medical records and personal health information (“PHI”), while limiting the use and disclosure of such… Continue Reading
Connecticut AG Takes on Facebook – Update
Posted in Attorney General Action, PrivacyOne day after questioning Citigroup over its recent data breach, the Connecticut Attorney General took on another corporate giant — Facebook. On June 14, 2011, the Connecticut AG sent a letter to Facebook demanding a meeting to discuss Facebook’s widely criticized facial recognition software. As has been widely reported, Facebook announced its plan to implement… Continue Reading
The Pineda Storm Travels East
Posted in Class Action, Privacy, RetailMassachusetts is now poised to become the second state to consider whether retailers who request and store zip codes during the course of a credit card transaction violate a consumer privacy statute. A complaint entitled Tyler v Michaels Stores, Inc. was filed May 23, 2011 in the federal court for the District of Massachusetts. Plaintiff, who seeks… Continue Reading
Connecticut AG Demands Answers from Citigroup
Posted in Breach Notification Laws, Cyber Breach, PrivacyIn what is likely the first of many state inquires to come, the Connecticut Attorney General sent a letter on June 13, 2011 to Citigroup, Inc. requesting more information about the recent data breach it announced last week. On June 9, 2011, Citigroup announced that unidentified hackers had breached its system and accessed data belonging… Continue Reading
See You At NetDiligence
Posted in Cyber Breach, PrivacyWe look forward to seeing friends and colleagues at the 2nd NetDiligence ® Cyber Risk and Privacy Liability Forum in Philadelphia on June 9-10,2011. (See NetDiligence at www.netdiligence.com)
The Pricetag On Privacy
Posted in Class Action, PrivacyTerry Baynes reports in Thompson Reuters News & Insight’s California Legal that sums paid to settle recent high profile privacy breach class actions netted as little as $250 per plaintiff, although the class action plaintiff lawyers received between $500,000 and $6.5 million in attorney fees. Cashing in On Privacy Breaches by Terry Baynes The defendant… Continue Reading
Emailed Receipts Exempt from FACTA Requirments
Posted in Credit Card Transaction, FACTA, Privacy, Privacy Legislation, RetailAn electronic receipt transmitted to a customer via email is not subject to the FACTA privacy regulations according to the 9th Circuit. While retailers are continuing to struggle with the remifications of the California Supreme Court Pineda decision (See our post here), the 9th Circuit decision in Simonff v. Expedia, Inc. represents a small victory. After… Continue Reading
Children’s Privacy Breach Costs Disney Subsidiary $3 Million
Posted in COPPA, Privacy, Privacy LegislationDisney’s Playdom, Inc. subsidiary and its Senior Vice-President Howard Marks have agreed to pay $3 million to settle charges by the FTC that they collected and disclosed personal information of more than 1.2 million children in violation of the Children’s Online Privacy Protection Act (“COPPA”). Between 2006 and 2010, Playdom operated approximately 20 online virtual… Continue Reading
Pineda Fall-Out Continues in California
Posted in Credit Card Transaction, Privacy, RetailThe California legislature has reacted swiftly and across party lines to stem the litigation flood in the wake of Pineda v. Willams-Sonoma Stores, Inc. In that case, the California Supreme Court ruled unanimously that a zip code constitutes “personal identification information” under the Song-Beverly Credit Card Act of 1971. (California Civil Code Section 1747.08(b). [Pineda v Williams Sonoma, Inc.] … Continue Reading
Privacy of Pharmaceutical Records Challenged
Posted in Breach Notification Laws, Cloud Computing, Coverage, Cyber Breach, Health Records Privacy, HIPPA, Insurance, Privacy, Privacy Legislation, ReinsuranceWhen a pharmacy fills a prescription, it records the drug, dosage, prescribing physician, age and gender of the patient. The pharmacy sells this information to “data miners” who compile reports about the physician’s prescription habits. The data miners then sell their research to pharmaceutical companies, who use the data for target marketing to doctors most likely to… Continue Reading
SEC Fines Executives for Disclosure of Non-Public Information
Posted in PrivacyOn April 7, 2011, the SEC announced charges and fines against three former executives of GunnAllen Financial Inc. for failing to protect confidential customer information. This is the first time the SEC has assessed financial penalties against individuals for failing to protect confidential customer information. The SEC alleges that as GunnAllen was winding down its… Continue Reading
Data Breach Costs on the Rise: Can Insurers Help Lower the Costs?
Posted in Coverage, Cyber Breach, Insurance, PrivacyIn its 2010 U.S. Costs of a Data Breach study, the Ponemon Institute reported that the costs associated with data breaches continued to rise last year and more specifically, that the costs incurred by those companies that responded quickly to the breaches were significantly higher than those paid by companies that responded more slowly. These… Continue Reading