California Governor Brown is preparing to sign into law a new data security breach notification bill (S.B. 46) that expands the coverage of California’s existing breach law to include breaches of individuals’ online user names and email addresses, when acquired in combination with passwords or a security question and answer that would permit access to […]
Privacy
California Establishes Digital Privacy Rights Law for Minors: S.B. 568 Expands Online Privacy Protections Beyond Federal COPPA Rules and Extends Rights to All Children Under 18 Years of Age
California Governor Brown is preparing to sign into law an unprecedented children’s online privacy bill (S.B. 568), which adds a new chapter to the State’s Business and Professions Code (BPC) to protect the online privacy of children and teenagers who are under 18 years of age and reside in the State of California. The bill […]
New European Data Breach Rules for Telcos and ISPs
On August 25, 2013, a new European Regulation came into effect that changed and expanded upon the breach notification procedures set forth in the E-Privacy Directive (2002/58/EC). The Regulation outlines two independent notification obligations: (1) notification to the relevant national authority within 24 hours after detection of a personal breach where feasible; and (2) notification […]
HHS/OCR Posts HIPAA Privacy, Security and Breach Notification Audit Protocol
In our November 30, 2011 and March 7, 2012 posts, we discussed the HHS Office for Civil Rights (OCR) audit pilot program, which began in November 2011 and is expected to conclude in December 2012. The audit program has been developed pursuant to the requirements of the HITECH Act. Under the audit pilot program, OCR conducted an […]