Category Archives: Privacy Law

Espionage and Export Controls: iPhone Hack Highlights New World of Warfare

Last week, researchers at Citizen Lab uncovered sophisticated new spyware that allowed hackers to take complete control of anyone’s iPhone, turning the phone into a pocket-spy to intercept communications, track movements and harvest personal data. The malicious software, codenamed “Pegasus,” is believed to have been developed by the NSO Group, an Israeli company (whose majority …

Read more »

Location Data Gathering Under Europe’s New Privacy Laws

The rise in popularity of apps and services that use location data (technology that pinpoints a consumer’s location automatically), like the smash-hit Pokémon Go, have EU privacy regulators calling on companies to ‘mind the gap.’ The much-anticipated General Data Protection Regulations (the “GDPR), as well as other EU privacy laws, aim to tighten up the …

Read more »

Guidance on Ransomware Attacks under HIPAA and State Data Breach Notification Laws

On July 28, 2016, US Department of Health and Human Services (HHS) issued guidance (guidance) under the Health Insurance Portability and Accountability Act (HIPAA) on what covered entities and business associates can do to prevent and recover from ransomware attacks. Ransomware attacks can also trigger concerns under state data breach notification laws. What Is Ransomware? …

Read more »

Pokémon Go – Staying Ahead of Game and Avoiding Unexpected HIPAA Risks

It was inevitable – Pokémon Go fever has swept the nation, and now little cartoon creatures have found their way into your health care facility. Wait, what!? Yes, you read that right, those pesky (or beloved, depending on your point of view) creatures are popping up literally everywhere, and unfortunately hospitals and other health care …

Read more »

Pokémon GO – Next Stop: Regulation & Litigation

As everyone is aware, the Pokémon GO craze has taken the world by storm in the past month. Reports estimate there have been over 75 million downloads of the digital game since the program became available on July 6.  Apple has not issued any concrete numbers, but has confirmed that it was the most downloaded …

Read more »

EU-US Privacy Shield to Launch August 1, Replacing Safe Harbor

I. Introduction: Privacy Shield to Go Live August 1 (at Last) The replacement for Safe Harbor is finally in effect, over nine months after Safe Harbor was struck down by the Court of Justice of the EU in the Schrems case. As most readers will be aware, Privacy Shield provides an important legal mechanism for …

Read more »

Celebrities And Snapchat Feuds: Are Recording Phonecalls Legal?

As most people know, there has been on-going feud between Taylor Swift and Kayne West. Last night, more fuel was added to the fire when Kayne’s wife, Kim Kardashian, went to Snapchat and posted recordings of a conversation between Ms. Swift and Mr. West which purport to show that Taylor was aware of off-colored lyrics …

Read more »

Will Brexit Undermine U.K. Participation in the General Data Protection Regulation and the U.S./E.U. Privacy Shield?

The June 23, 2016 Brexit referendum outcome in the U.K. does create uncertainty about whether the U.K. will continue to follow EU data protection laws, including implementation of the E.U.’s new General Data Protection Regulation (“GDPR”), scheduled to become effective on May 25, 2018. Furthermore, the recently negotiated new U.S./E.U. Privacy Shield, intended to replace the …

Read more »

security breaches

Fiduciary Risk in Data Privacy and Cybersecurity? You Bet!

Health plan administrators are (or certainly should be) well-versed in their obligations under the Health Insurance Portability and Accountability Act (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health Act (HITECH). Failure to secure protected health information (PHI) from disclosure can result in civil monetary penalties of up to $1.5 million …

Read more »

cybersecurity regulation

Announcement of "Privacy Shield" Gives Hope for U.S. Companies Who Previously Relied on Safe Harbor

We have previously discussed the EU Court of Justice’s invalidation of the long-standing Safe Harbor program, previously relied on by many organizations as a means of authorizing transfers of EU citizens’ private data to the United States. U.S. companies eagerly awaited news of a replacement for Safe Harbor and kept a close watch as the …

Read more »