Archive for the ‘Security & Privacy’ Category

The Target Breach: How the Financial Industry is Reacting

Retail giant Target recently suffered a massive security breach during the busiest shopping season of the year. The breach involved the credit and debit card information of an estimated 40 million customers who shopped at one of Target’s retail stores between November 27th and December 15, 2013. So far, Target has not disclosed the precise […]

Affinity’s Wipeout Shows Importance Of Wiping Out PHI

http://www.law360.com/articles/474571/affinity-s-wipeout-shows-importance-of-wiping-out-phi Law360, New York (September 26, 2013, 5:53 PM ET) – The U.S.Department of Health and Human Services‘ Office for Civil Rights (OCR) is stepping up their enforcement efforts and cracking down on entities who violate the Health Insurance Portability and Accountability Act of 1996. Earlier this year, Idaho State University was fined $400,000 for […]

HIPAA and Emerging Technologies

The Health Insurance Portability and Privacy Act of 1996 (HIPAA) is 15 years old this year – still acting a bit like an uncertain, wide-eyed teenager responding to new developments. Although more mature, clarified by regulations, and supplemented by the HITECH Act, at its core HIPAA has remained relatively unchanged since its enactment. Societal changes […]

Worried About Employees Snooping for Patient Information? Worry More.

Contributed by M. Scott Koller as part of the Privacy Matters series. Hospitals are facing increased scrutiny over the privacy of patient medical records.  An investigation by HHS’s Office of Civil Rights concluded that a Southern California hospital failed to reasonably restrict access to patient information to only those employees with a valid reason to view the […]

Supreme Court Rules Corporations Do Not Have Personal Privacy Under the FOIA

The Supreme Court today ruled that corporations do not have personal privacy rights under FOIA Exemption 7(C).  The ruling can be found here. The issue was in a case brought by AT&T, whether a corporation could be considered a person pursuant to Exemption 7(C) and therefore be provided “privacy” rights for its information under the exemption.  […]

California Supreme Court Rules That Zip Codes Are Personal Identification Information

Retail stores across California routinely ask customers to provide a ZIP code when making a purchase.  This practice may now be prohibited following the California Supreme Court decision in Pineda vs. William Sonoma, __ Cal. 4th__ (February 10, 2011), holding that ZIP codes are “personal identification information” for the purposes of the Song-Beverly Credit Card […]

Laptop Border Searches Challenged by ACLU

Did you know that Federal Border Agents can search your laptop without cause?  Not just laptops, but also cell phones, PDA and digital cameras can all be searched for evidence of crimes when you enter the United States. Normally, the Fourth Amendment requires “probable cause” in order to search a person or their physical property.  […]

Supreme Court to Hear Case on 1st Amendment and Privacy.

In NASA vs. Nelson, the Supreme Court will address the question, “Can the government require employees, including private contract workers, to reveal personal details such as past drug use?” NASA is contesting a privacy ruling won by 28 Caltech employees who work at the Jet Propulsion Laboratory in La Canada Flintridge.

Social Networking Sites Fair Game for Evidence

The Boston Herald reports on a New York Bar Association opinion that lawyers can ethically use social networking sites to gather information on opposing parties in lawsuits. The explosion in the use of networks like Facebook and MySpace raises new legal questions about privacy rights, the report states, but an opinion released last week by […]

University Hospital Fined $250,000 for Breach

HealthLeaders Media reports that California Department of Public Health (CDPH) officials have fined Lucile Salter Packard Children’s Hospital at Stanford University $250,000–the maximum amount allowed under state law–for failing to report a breach of 532 patient medical records due to the theft of a hospital computer. The records included such information as names, dates of […]

Subscribe to RSS Feed