Tag Archives: data privacy

ILN Today Post

Data Privacy and Cybersecurity Alert: New rule changes impact regulations governing online data collection from children under 13 years of age

Operators of commercial websites must be careful when designing and using interactive websites that collect personal information and other data from customers and consumers. Interactive websites that collect information by:

  1. Requesting, prompting or encouraging the submission of information (even if it’s optional)
  2. Letting information be made publicly available (example: open chat room or posting function)
  3. Passively tracking information through a separate child-directed site or service, or through an advertisement network, may be collecting such information from children.
Read full article
ILN Today Post

Data Privacy and Cybersecurity Alert: Professional service firms are the new target of cyber/data thieves

What are you doing to protect sensitive personal information and protected health information of your clients and your employees?

CPAs, law firms, PEOs, financial advisors, and insurance agents have at least two things in common:

  1. They have large amounts of sensitive Personal Information (PI) and Protected Health Information (PHI) about their clients and employees; and
  2. They are the new targets for sophisticated cyber/data thieves.
Read full article
ILN Today Post

Data Privacy and Cybersecurity Alert: Professional service firms are the new target of cyber/data thieves

What are you doing to protect sensitive personal information and protected health information of your clients and your employees?

CPAs, law firms, PEOs, financial advisors, and insurance agents have at least two things in common:

  1. They have large amounts of sensitive Personal Information (PI) and Protected Health Information (PHI) about their clients and employees; and
  2. They are the new targets for sophisticated cyber/data thieves.
Read full article
ILN Today Post

Data Privacy and Cybersecurity Alert: Tax season is also identity theft season

April is a critical time of year for businesses and individuals to assess their vulnerabilities to the onslaught of identity theft. Tax season finds the IRS inundated with filings and requests for tax refunds throughout the country. The government, unfortunately, lacks the manpower to ensure all of these filings are legitimate. Identity thieves, who now include sophisticated organized criminal groups among their ranks, are filing fraudulent tax returns by the thousands using stolen social security numbers acquired throughout the year. As a result, if you choose to file an extension on your return, you could be giving thieves the time they need to file your return first!

Read full article
ILN Today Post

Data Privacy and Network Security Alert: Can you keep a secret?

President Obama recently announced the Administration’s Strategy on Mitigating the Theft of U.S. Trade Secrets emphasizing the importance of protecting trade secrets. While the Strategy primarily involves government, there are important implications for the private sector. Specifically, the Strategy encourages the development of best practices by industry groups, improvements in domestic legislation review and increases in the resources available to small and medium businesses.

The Strategy cites research suggesting that “the pace of economic espionage and trade secret theft against U.S. corporations is accelerating.” It then outlines a strategy to coordinate and improve U.S. Government efforts to stop the theft of trade secrets by foreign competitors or foreign governments by any means – cyber or otherwise, including these measures:

Read full article
ILN Today Post

Data Privacy and Healthcare Alert: Final Rule implements HITECH revisions to Privacy and Security Rules

The Office for Civil Rights of the Department of Health and Human Services (OCR) issued an omnibus final rule (Final Rule) on January 17, 2013, implementing various provisions of the Health Information Technology for Economic and Clinical Health Act (HITECH Act or HITECH). The Final Rule revises the Privacy, Security and Enforcement Rules that were previously issued under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the interim final Breach Notification Rule that was previously issued in accordance with the HITECH Act. The Final Rule was published in the Federal Register on January 25, 2013, and is available here.

Read full article
ILN Today Post

Data Privacy and Network Security Alert: More changes to state breach notification laws

 

Vermont

The State of Vermont has substantially revised its data protection and breach notification law. The revisions to 9 V.S.A. Chapter 62 are summarized below:

  • The term “personally identifiable information” (PII) has been adopted and replaces the term “personal information” (PI).
  • A “security breach” is now defined as “unauthorized acquisition of electronic data or a reasonable belief of unauthorized acquisition of electronic data.”
  • The amendment also adds four factors for organizations to consider when determining whether PII has been acquired or is reasonably believed to have been acquired by an unauthorized person, including indications that the information:
Read full article
ILN Today Post

Data Privacy and Network Security Alert: Data security is top concern for directors and general counsel

In a recent study conducted by Corporate Board Member & FTI Consulting, Inc., 11,340 corporate directors and 1,957 general counsel were surveyed regarding legal risks on their radar. For the first time in the 12 years since the study has been conducted, data security was noted as the most prevalent concern among both directors (48 percent) and general counsel (55 percent). This level of concern has almost doubled in the last four years. For instance, in 2008, only 25 percent of directors and 23 percent of general counsel identified data security as an area of great concern.

Moreover, 33 percent of general counsel surveyed believe their board is not effective at managing cyber risk. This is one of the lowest ratings among the 13 risk management areas surveyed. 

Read full article
ILN Today Post

Data Privacy and Network Security Alert: Data breach survey results

The results of a 2012 Consumer Study on Data Breach Notification was recently released by Ponemon Institute and Experian Data Breach Resolution. The purpose of the study was to gain a better understanding of consumers’ opinions relative to the importance and value of receiving notification when their confidential personal information (PI) has been compromised. The study surveyed 2,832 consumers 18 years and older with 708 respondents recalling whether or not they received a data breach notification. Below is a summary of key findings from the study:

Read full article
ILN Today Post

"How to minimize the risk of, or respond to a data breach," Jim Giszczak and Dominic Paluzzi for Smart Business Magazine

In today’s electronic age, Personal Information (PI) and Protected Health Information (PHI) are being stored on multiple technological devices. Data security is increasingly a concern as companies have become targets for people, both internally and externally, misappropriating private information.

“What is most important in the data privacy arena is for your organization to partner with vendors that have significant experience advising clients on best practices, security and storage policies that deal with data breaches, while complying with state and international data security laws,” says James J. Giszczak, a member at McDonald Hopkins. “This area of law is rapidly changing and it’s critical that the complex privacy laws are both understood and followed.” 

Read full article