PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Higher Education Needs Privacy Officers and Privacy/Security Training

by Daniel J. Solove In 2007, Seung Cho, a student at Virginia Tech, killed 32 students and faculty and wounded 17. He then committed suicide. One of the most troublesome things about this incident was that it might have been prevented if school officials and employees had a better grasp of privacy law. Appointed by […]

New Privacy Training Programs: US, EU, and Global Privacy Law

by Daniel J. Solove We have launched several new privacy training programs, including a series with brief introductions to privacy law.  We have completed a privacy training program about US Privacy Law with a video and interactive material / quiz questions.  And we just completed a training program about EU Privacy Law.  This program has […]

New Financial Privacy Training Programs

by Daniel J. Solove We have begun producing a new program series about financial privacy.  The first two programs are completed. The first part is an overview video that discusses the importance of financial privacy and the various laws and regulations that regulate.  These laws and regulations are discussed very broadly.  The video concludes with […]

HIPAA Turns 10: Analyzing the Past, Present, and Future Impact

by Daniel J. Solove In the April issue of the Journal of AHIMA, I authored two short pieces about HIPAA: HIPAA Turns 10: Analyzing the Past, Present, and Future Impact 84 Journal of AHIMA 22 (April 2013) HIPAA Mighty and Flawed: Regulation has Wide-Reaching Impact on the Healthcare Industry 84 Journal of AHIMA 30 (April […]

The HIPAA-HITECH Regulation, the Cloud, and Beyond

by Daniel J. Solove The new HIPAA-HITECH regulation is here. Officially titled “Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules,” this new regulation modifies HIPAA in accordance with the changes mandated by the HITECH Act of 2009. After years of waiting and many false alarms that the regulation was going to be […]

Final HIPAA-HITECH Regulation

posted by Daniel J. Solove The final HIPAA-HITECH regulation is finally out!  Clocking in at 563 pages long, the regulation, which is entitled “Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules” will be published in the Federal Register on January 25, 2013.  You can download the PDF of the pre-publication version here.

Educational Institutions and Cloud Computing: A Roadmap of Responsibilities

by Daniel J. Solove Increasingly, educational institutions and state entities handling student data are hiring outside companies to perform cloud computing functions related to managing personal information. The benefits of cloud computing are that outside entities might be more sophisticated at managing personal data. These entities may be able to manage data more inexpensively and […]

Employer Social Media Policies: A Brave New World

Posted by Daniel J. Solove The frequent use of social media by employees has created a new domain of risk for employers – employees who reveal confidential or sensitive information or who otherwise say things that damage their institution’s reputation or create strife with their colleagues. For example, in the healthcare context, in a number […]

Privacy Torts in Canada and the International Convergence of Privacy Law

Canadian Flag

In a recent case, the Court of Appeal for Ontario, Canada recognized the privacy torts that are widely-recognized in the United States.  Many foreign common law jurisdictions, including the United Kingdom and other countries, have steadfastly refused to recognize the privacy torts spawned by the 1890 law review article by Samuel Warren and Louis Brandeis, […]