PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

The Health Data Breach and ID Theft Epidemic

By Daniel J. Solove When you go to the hospital, you might worry about catching a staph infection or pneumonia, but you should also worry about contracting a nasty case of medical identity theft. Most people suffer significant harm from medical ID theft, and few are completely cured. This ailment is spreading dramatically as data […]

Why the Anthem Data Breach Is Needlessly Harmful

By Daniel J. Solove Recently, Anthem, one of the largest health insurance providers, suffered a massive data breach involving personal data on up to 80 million people. According to Anthem, the data breached includes “names, dates of birth, member ID/ social security numbers, addresses, phone numbers, email addresses and employment information.”

Drones, Data Breaches, Cramming, and Other Privacy + Security Updates

by Daniel J. Solove This post is co-authored with Professor Paul M. Schwartz. This post is part of a post series where we round up some of the interesting news and resources we’re finding. For a PDF version of this post, and for archived issues of previous posts, click here. We became quite busy after […]

Notable Privacy and Security Books 2014

Notable Privacy Security Books 2014 - TeachPrivacy 01

There were quite a number of books published about privacy and security issues last year, and I would like to highlight a few notable ones. A few books came out in late 2014 and have an early 2015 publication date. I’m including them here. The books are in no particular order.

Privacy and Security Developments 2014 Issue 1

by Daniel J. Solove Issue 2014 No. 1 This post is co-authored with Professor Paul M. Schwartz. We spend a lot of time staying up to date so we can update our casebooks and reference books, so we thought we would share with you some of the interesting news and resources we’re finding. We plan […]

Lawsuits for HIPAA Violations and Beyond: A Journey Down the Rabbit Hole

by Daniel J. Solove At first blush, it seems impossible for a person to sue for a HIPAA violation. HIPAA lacks a private cause of action. So do many other privacy and data security laws, such as FERPA, the FTC Act, the Gramm-Leach-Bliley Act, among others. That means that these laws don’t provide people with […]

The Most Alarming Fact of the HIPAA Audits

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #5 of a series called Enforcing Privacy and Security Laws. Under the Health Insurance Portability and Accountability Act (HIPAA), various organizations can be randomly selected to be audited – even if no complaint has been issued against them and […]

Ebola and Privacy: Snooping, Confidentiality, and HIPAA

by Daniel J. Solove The recent cases of Ebola in the United States demonstrate challenges to health privacy in today’s information age — both in preventing employees from snooping into patient information as well as preventing the disclosure of patient identities.

The Brave New World of HIPAA Enforcement

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #4 of a series called Enforcing Privacy and Security Laws. The Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive health information from […]

The Privacy Pillory and the Security Rack: The Enforcement Toolkit

by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #2 in a series called Enforcing Privacy and Security Laws. See the end of this post for links to other posts in this series. What kind of sanctions do privacy and security laws use for enforcement? In this post, […]