House Committee Staff Report Finds Equifax Data Breach Entirely Preventable, Provides Recommendations for Consumer Reporting Agencies

Share

After a 14-month investigation into the 2017 Equifax data breach, which was one the largest in U.S. history, the House Oversight and Government Reform Committee released a report in December.

Continue reading “House Committee Staff Report Finds Equifax Data Breach Entirely Preventable, Provides Recommendations for Consumer Reporting Agencies”

California AG to Hold Public Forums on CCPA

Share

The California Attorney General invites interested persons to provide comments on the California Consumer Privacy Act (CCPA) rulemaking at a series of six public forums around the state in January and February 2019. The first forum is slated for January 8 in San Francisco.

Continue reading “California AG to Hold Public Forums on CCPA”

$500,000 Settlement for Failure to Comply with Basic HIPAA Compliance Requirements

Share

Advanced Care Hospitalists PL (ACH) and the Office for Civil Rights of the U.S. Department of Health and Human Services (HHS-OCR) entered into a $500,000 no-fault settlement and two year corrective action plan (CAP) to settle potential violations of the Health Insurance Portability and Accountability Act (HIPAA).

Continue reading “$500,000 Settlement for Failure to Comply with Basic HIPAA Compliance Requirements”

NIST Seeks Public Comment on Developing a Privacy Framework

Share

The National Institute of Standards and Technology (NIST) published its request for information (RFI) covering a series of questions designed to assist in the development of a voluntary framework meant to improve the management of the privacy risk that could arise from the collection, storage and use of individuals’ information in the Federal Register on November 14, 2018.

Continue reading “NIST Seeks Public Comment on Developing a Privacy Framework”

UK Information Commissioner’s Office Fines Direct Marketing Company for PECR Violation

Share

The UK Information Commissioner’s Office (ICO) announced that it has fined a direct marketing company, Everything DM Ltd. (EDML) £ 60,000 ($77,421) for failing to take reasonable steps to ensure that unsolicited marketing emails sent on behalf of its clients complied with privacy laws applicable to electronic communications.

Continue reading “UK Information Commissioner’s Office Fines Direct Marketing Company for PECR Violation”

Brazil Adopts New Privacy Law Similar to GDPR

Share

On August 14, the president of Brazil signed the Brazilian General Data Protection Law (LGPD) into law. It will become effective on Valentine’s Day 2020. The elements of the new law are similar to the European Union’s General Data Protection Regulation (GDPR).

Continue reading “Brazil Adopts New Privacy Law Similar to GDPR”