PRIVACY + SECURITY BLOG

News, Developments, and Insights

10 Implications of the New EU General Data Protection Regulation (GDPR)

EU GDPR Training General Data Protection Regulation

Last week, the EU issued the General Data Protection Regulation (GDPR), a long-awaited comprehensive privacy regulation that will govern all 28 EU member countries.  Clocking in at more than 200 pages, this is quite a document to digest.  According to the European Commission press release: “The regulation will establish one single set of rules which […]

Read More…

Lessons from the Latest HIPAA Enforcement Action

HIPAA Training OCR Enforcement

by Daniel J. Solove Recently, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) publicized its resolution agreement in its HIPAA enforcement action against St. Elizabeth’s Medical Center (SEMC).  SEMC agreed to pay $218,000. The case began with a complaint filed with OCR back in 2012 that employees […]

Read More…

The OPM Data Breach: Harm Without End?

By Daniel J. Solove The recent breach of the Office of Personnel Management (OPM) network involved personal data on millions of federal employees, including data related to background checks. OPM is now offering 18 months of free credit monitoring and identity theft insurance to victims. But as experts note in a recent Washington Post article, […]

Read More…

Law Firm Cyber Security and Privacy Risks

law firm data security

By Daniel J. Solove Law firms are facing grave privacy and security risks. Although a number of firms are taking steps to address these risks, the industry as a whole needs to grasp the severity of the risk. For firms, privacy and security risks can be significantly higher than for other organizations. Incidents can be […]

Read More…

Why the C-Suite Should Have Coffee with the Privacy and Security Officers Every Week

  by Daniel J. Solove As I discussed in a previous post, the two key things that organizations can do to prevent data incidents can be summed up in a simple rhyme: The C-Suite must care The workforce must be aware In this post, I want to focus on the “C-Suite” – a term used […]

Read More…