An article from yesterday caught my eye, “Court finds NJ users can expect privacy from Internet providers”
A few excerpts:
Archive for the ‘Laws & Regulations’ Category
Court Ruling: ISPs in New Jersey Must Keep Personal Information Private
Tuesday, January 23rd, 2007PIPEDA Action: Canadian Airline Refuses to Make Changes After Customer Complains
Monday, January 15th, 2007The Office of the Privacy Commissioner of Canada published findings last week for a PIPEDA case in which an individual complained that a Canadian airline refused to give him access to his personal information.
It is interesting that the names of organizations are not published within the decisions and summaries of the Privacy Commissioners.
Outsourcing: Dubai Strengthens Data Protection Law
Thursday, January 11th, 2007On Monday (1/8) the Dubai International Financial Centre (DIFC) implemented a stronger Data Protection Law and appointed a Data Protection Commission to oversee the DIFC.
“The Data Protection Law, which has been amended following a period of public consultation, ensures the protection of all personal information, including any sensitive personal data, and is compliant with the provisions of the laws and directives of the European Union and the guidelines of the Organisation for Economic Co-operation and Development (OECD), including the transfer of data.”
HIPAA Mobile and Remote Computing Security Guidance from CMS
Wednesday, January 10th, 2007Today I received notice that the Centers for Medicare & Medicaid Services (CMS) just issued a new publication, “Security Guidance for Remote Use‚Äù which is actually dated 12/28/2006.
“This document is intended to provide HIPAA covered entities with general information on the risks and possible mitigation strategies for remote use of Electronic Protected Health Information (EPHI).”
Michigan Inacts New Identity Theft and Breach Notice Law
Thursday, January 4th, 2007Yesterday (January 3) Michigan’s governor, Jennifer M. Granholm, signed a new identity theft and breach notification law, SB 309.
“Today’s technology has taken commerce and communication to new heights, but it also puts citizens at additional risk of identity theft as ever-increasing amounts of personal information are stored and transmitted electronically,” Granholm said. “While I am pleased to sign legislation that provides critical information to consumers, we must do more to provide our citizens with the tools they need to truly protect themselves.”
Regulatory Compliance Actions Must Include Effective, ongoing Awareness and Training Efforts
Friday, December 29th, 2006A great article was published on Law.com today written by Ryan Sulkin, “First Line of Defense Against Data Security Breaches: Employees.”
There are several points made that I hope business leaders read and take to heart.
Psychotherapy Notes Fiasco and HIPAA: Bad Legislation, Bad Enforcement, or Bad Covered Entity?
Thursday, December 28th, 2006The Pittsburgh Post-Gazette ran an interesting story today, “Spread of records stirs fears of privacy erosion.”
Basically this describes the trials and tribulations of a woman was denied disability benefits from her insurer following a car accident because of notes made by her psychologist. Reportedly the psychologist notes were intermingled with her general medical records.
US SAFE WEB Act Signed Into Law Today
Tuesday, December 26th, 2006Today the FTC announced President G.W. Bush signed the US SAFE WEB Act into law.
“Statement by Federal Trade Commission Chairman Deborah Platt Majoras On US SAFE WEB Act Being Signed Into Law by President George W. Bush
I am grateful to President Bush for signing the US SAFE WEB Act into law. The Act will help the Federal Trade Commission fight a range of practices that harm
American consumers – including fraudulent spam, spyware, misleading health and safety advertising, privacy and security breaches, and telemarketing fraud.
These practices are increasingly global in nature, and the US SAFE WEB Act will improve the FTC’s ability to cooperate with its foreign counterparts to combat them.”
Medical Identity Theft and HIPAA
Friday, December 22nd, 2006On Wednesday the Queens Gazette ran a report on medical identity theft.
This certainly is an issue of concern. I blogged about medical identity theft earlier this year.
Combining identity theft with unauthorized access to medical information certainly can lead to magnified repercussions beyond wrecked credit ratings and hundreds of hours spent trying to clean up all the damage a criminal can do with personally identifiable information (PII). The potential increases for further abusing and horribly impacting the involved individuals, metally, physically and financially, by having access to their prescription information, insurance information, physician information, medical history, and everything else involved.
