PRIVACY + SECURITY BLOG

News, Developments, and Insights

HIPAA’s Long Arm — and Why It’s a Good Thing

Recently, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its first HIPAA resolution agreement and monetary penalty against a business associate (BA). […]

Read More…

Can the FBI Force Apple to Write Software to Weaken Its Software?

A dramatic legal battle is taking place that will have dramatic implications for the future of technology, privacy, security, and the extent of government power.  The FBI obtained an order from a magistrate judge to force Apple to develop software to help the FBI break into an encrypted iPhone. […]

Read More…

Lessons from the Latest HIPAA Enforcement Action

by Daniel J. Solove Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) publicized its resolution agreement in its HIPAA enforcement action against St. Elizabeth’s Medical Center (SEMC).  SEMC agreed to pay $218,000. The case began with a complaint filed with OCR back in 2012 that employees […]

Read More…

Cybersecurity: Leviathan vs. Low-Hanging Fruit

by Daniel J. Solove There are certainly many hackers with sophisticated technical skills and potent malicious technologies.  These threats can seem akin to Leviathan — all powerful and insurmountable. It can be easy to get caught up focusing on the Leviathan and miss the low-hanging fruit of cybersecurity.  This low-hanging fruit consists of rather simple […]

Read More…

More Data Lost: 1.3 Million Student Loan Recipients

From CNET: About 1.3 million customers of a Texas provider of student loans are at risk of ID fraud, after a contractor lost computer equipment with sensitive information on them. The equipment, which was not identified, contains the names and Social Security numbers of the borrowers, the Texas Guaranteed Student Loan company said in a statement […]

Read More…