The Department of Commerce announced the approval of the United States’ participation in the Asia-Pacific Economic Cooperation Cross-Border Privacy Rules system (CBPR). The CBPR promotes “a baseline set of data privacy practices for companies doing business in participating APEC economies. The goal of the system is to enhance electronic commerce, facilitate trade and economic growth, and strengthen […]
FTC Files Complaint Against Wyndham Worldwide Corp. for Data Breach
On June 26, 2012, the Federal Trade Commission (“FTC”) filed a complaint in federal district court in Arizona against Wyndham Worldwide Corporation and three subsidiaries (“Wyndham”) alleging that the company’s failure to adequately safeguard customers’ personal information led to millions of dollars in losses to fraud. The FTC complaint alleges that repeated security failures exposed customers’ […]
Senate Republicans Reintroduce Revised Cybersecurity Bill, S. 3342, the SECURE IT Act
This afternoon, Senators John McCain (R-AZ), Kay Bailey Hutchison (R-TX), Chuck Grassley (R-IA), Saxby Chambliss (R-GA), Lisa Murkowski (R-AK), Dan Coats (R-IN), Ron Johnson (R-WI), and Richard Burr (R-NC) reintroduced the Strengthening and Enhancing Cybersecurity by Using Research, Education, Information, and Technology (SECURE IT) Act, which now bears the number S. 3342. As outlined in […]
HHS/OCR Posts HIPAA Privacy, Security and Breach Notification Audit Protocol
In our November 30, 2011 and March 7, 2012 posts, we discussed the HHS Office for Civil Rights (OCR) audit pilot program, which began in November 2011 and is expected to conclude in December 2012. The audit program has been developed pursuant to the requirements of the HITECH Act. Under the audit pilot program, OCR conducted an […]
HIPAA/HITECH Act Privacy Rule Delayed?
Despite recent indications from HHS and the Director of HHS’s Office for Civil Rights (OCR) that the HIPAA/HITECH Act Omnibus Final Rule is extremely close to publication, the White House’s Office of Management and Budget (OMB) has extended its review of the rule under Executive Order 12866. As we recently commented, in a report published […]