On August 1, 2016, the U.S. Department of Commerce began accepting self-certification applications for the new EU-U.S. Privacy Shield Framework. In the month that has followed over 100 companies (including Microsoft, Oracle and Salesforce, among others) have self-certified that they are in compliance with the EU-U.S. Privacy Shield.
The Office for Civil Rights within the U.S. Department of Health and Human Services (OCR) is the federal agency tasked with enforcing the Health Insurance Portability and Accountability Act (HIPAA). HIPAA, as most folks reading this know, requires health care providers and other covered entities to protect the privacy and security of an individual’s protected … Continue reading
by Privacy & Data Security Member Karin McGinnis
by Associate Breana Jeter The end of 2015 represented a mixed bag for the Federal Trade Commission on privacy enforcement. In November, the FTC’s Chief Administrative Law Judge dismissed the FTC’s complaint against LabMD for a possible data breach of 1,718 patients’ insurance claim information. The patient’s sensitive information was discovered on peer-to-peer software by a … Continue reading
I’ve been holding my breath waiting for the decision by the U.S. District Court for the Northern District of Chicago in the Allen v. City of Chicago overtime collective action before giving you a blog post on this case. The trial concluded almost two months ago. Because I am starting to turn blue, and because … Continue reading
On October 6, 2015, the European Union’s Court of Justice (the “ECJ”) invalidated the E.U. – U.S. Safe Harbor Framework (the “Safe Harbor”) — a data transfer arrangement upon which thousands of U.S. based companies have relied for legally transferring personal data outside of the European Union to the United States. In order to better … Continue reading