by Daniel J. Solove It has long been difficult to quantify the ROI of data security awareness training. But finally, I have been able to locate a number. According to a 2014 PricewaterhouseCoopers study: “The financial value of employee awareness is even more compelling. Organizations that do not have security awareness programs—in particular, training for […]
Category: Privacy Training
Our Privacy Training programs at TeachPrivacy are ideal for general and role-based privacy awareness training. 150+ topics: HIPAA, FERPA, GDPR, CCPA, Phishing and more.
Lawsuits for HIPAA Violations and Beyond: A Journey Down the Rabbit Hole
by Daniel J. Solove At first blush, it seems impossible for a person to sue for a HIPAA violation. HIPAA lacks a private cause of action. So do many other privacy and data security laws, such as FERPA, the FTC Act, the Gramm-Leach-Bliley Act, among others. That means that these laws don’t provide people with […]
Should Celebrities Have Privacy? A Response to Jennifer Lawrence
by Daniel J. Solove In a recent AP story, actress Jennifer Lawrence had some rather extensive and passionate quotes about her loss of privacy. Not too long ago, Lawrence’s nude photos were stolen and leaked on the Internet by a hacker who hacked into her iCloud account. In her comments for the AP story, she […]
People Care About Privacy Despite Their Behavior
It is often said that people don’t care much about privacy these days given how much information they expose about themselves. But survey after survey emphatically concludes that people really do care about privacy.
Should the FTC Be Regulating Privacy and Data Security?
by Daniel J. Solove This post was co-authored with Professor Woodrow Hartzog. This past Tuesday the Federal Trade Commission (FTC) filed a complaint against AT&T for allegedly throttling the Internet of its customers even though they paid for unlimited data plans. This complaint was surprising for many, who thought the Federal Communications Commission (FCC) was […]
The Most Alarming Fact of the HIPAA Audits
by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #5 of a series called Enforcing Privacy and Security Laws. Under the Health Insurance Portability and Accountability Act (HIPAA), various organizations can be randomly selected to be audited – even if no complaint has been issued against them and […]
Ebola and Privacy: Snooping, Confidentiality, and HIPAA
by Daniel J. Solove The recent cases of Ebola in the United States demonstrate challenges to health privacy in today’s information age — both in preventing employees from snooping into patient information as well as preventing the disclosure of patient identities.
The Brave New World of HIPAA Enforcement
by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #4 of a series called Enforcing Privacy and Security Laws. The Health Insurance Portability and Accountability Act (HIPAA) regulations govern health information maintained by various entities covered by HIPAA (“covered entities”) and other organizations that receive health information from […]
Who Are the Privacy and Security Cops on the Beat?
by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #3 of a series called Enforcing Privacy and Security Laws.
The Privacy Pillory and the Security Rack: The Enforcement Toolkit
by Daniel J. Solove Are privacy and security laws being enforced effectively? This post is post #2 in a series called Enforcing Privacy and Security Laws. See the end of this post for links to other posts in this series. What kind of sanctions do privacy and security laws use for enforcement? In this post, […]