PRIVACY + SECURITY BLOG

News, Developments, and Insights

high-tech technology background with eyes on computer display

Information Fiduciaries and Privacy

Information Fiduciaries and Privacy 02 JPEG

Information fiduciaries have emerged as a major part of the discussion of privacy regulation.  In a nutshell, the information fiduciaries approach aims to apply aspects of fiduciary law to the companies that collect and use our personal data. As one court explained the fiduciary relationship: “A fiduciary relationship is one founded on trust or confidence […]

Cartoon: HIPAA Confidentiality and PHI Sharing

Cartoon HIPAA Confidentiality - TeachPrivacy HIPAA Training

Here’s a cartoon about HIPAA confidentiality and our modern medical system. In the old days, medical confidentiality meant that people’s health information was seen by just a handful of people – doctors and their staff. These days, health information is widely shared. Countless people see a patient’s medical records and numerous organizations are provided with […]

HIPAA Cartoon: Breach of Confidentiality

Cartoon HIPAA Confidentiality - TeachPrivacy HIPAA Training 02

This HIPAA cartoon involves confidentiality. There are countless cases of misdirected PHI that is emailed or faxed to the wrong people. I recently created a new short course on HIPAA Confidentiality.  You can learn more about it here. HIPAA Resources HIPAA Training Courses HIPAA Training Guide HIPAA Training Requirements FAQ HIPAA Whiteboard HIPAA Resources

Silencing #MeToo: How NDAs and Litigation Stifle Victims, Innovators, and Critics — An Interview with Orly Lobel

  Countless women have been coming forward to say #MeToo and share their traumatic stories of sexual harassment and assault. But there are many stories we’re not hearing. These stories are being silenced by extremely broad nondisclosure agreements (NDAs), some made at the outset of employment and others when settling litigation over sexual harassment. They […]

Attorney Confidentiality, Cybersecurity, and the Cloud

Law firm data security

There is a significant degree of confusion and lack of awareness about attorney confidentiality and cybersecurity obligations.  This issue is especially acute when it comes to using the cloud to store privileged documents.  A common myth is that storing privileged documents in the cloud is a breach of attorney-client confidentiality.  In other instances, many attorneys […]

Without Scalia, Will There Be a 4th Amendment Revolution?

The passing of Justice Antonin Scalia has brought a wave of speculation about current and future U.S. Supreme Court cases.  One area where there might be a significant impact will be the 4th Amendment, which provides the primary constitutional protection against government surveillance and information gathering.  A new justice could usher in a dramatic expansion […]

The Kafkaesque Sacrifice of Encryption Security in the Name of Security

Encryption Backdoors - Kafkaesque

By Daniel J. Solove Proponents for allowing government officials to have backdoors to encrypted communications need to read Franz Kafka.  Nearly a century ago, Kafka deftly captured the irony at the heart of their argument in his short story, “The Burrow.” After the Paris attacks, national security proponents in the US and abroad have been […]

K-12 Schools Must Teach Data Privacy and Security

By Daniel J. Solove It is essential that children learn about data privacy and security.  Their lives will be fully enveloped by technologies that involve data.  But far too little about these topics is currently taught in most schools.  Fortunately, there is a solution, one that I’m proud to have been involved in creating.  The […]

Sunken Safe Harbor: 5 Implications of Schrems and US-EU Data Transfer

By Daniel J. Solove In a profound ruling with enormous implications,the European Court of Justice (ECJ) has declared the Safe Harbor Arrangement to be invalid. [Press Release]  [Opinion] The Safe Harbor Arrangement The Safe Harbor Arrangement has been in place since 2000, and it is a central means by which data about EU citizens can […]

Why HIPAA Matters: Medical ID Theft and the Human Cost of Health Privacy and Security Incidents

By Daniel J. Solove Whenever I go to a doctor and am asked what I do for a living, I say that I focus on information privacy law. “HIPAA?” the doctors will ask. “Yes, HIPAA,” I confess. And then the doctor’s face turns grim.  At first, it looks like the face of a doctor about […]