| Title |
Date |
Authors |
Type |
Download |
| Advanced Cyber Security Center Launch Conference Materials |
Sep 20, 2011 |
Michele A. Whitham |
General |
Download |
SUMMARY
An overview and summary tables of federal and state laws regulating data security privacy in the United States as of September 2011.
[Learn More]
|
| FTC Proposes Privacy Framework That Will Impact the Business Model of All Online and Mobile Advertising Companies |
Dec 6, 2010 |
David A. Broadwin, Hillary F. Peterson, Patrick Connolly |
|
|
Client Alert - December 6, 2010
SUMMARY
The Federal Trade Commission (FTC) just published its preliminary Staff report setting out its proposed framework for protecting privacy in the digital economy. View the FTC’s press release here. The FTC is seeking comments on its proposed framework by January 31, 2011 and expects to issue a final report in 2011.
[Learn More]
|
| HHS Proposed Major Changes to HIPAA Privacy, Security and Enforcement Rules |
Jul 12, 2010 |
Colin J. Zick, Maia M. Larsson |
Alert |
|
Security & Privacy Alert - July 12, 2010
SUMMARYOn July 8, 2010, the Department of Health and Human Services (“HHS”) issued a notice of proposed rulemaking (“NPRM” or “proposed rule”) modifying the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy, Security, and Enforcement Rules pursuant to the Health Information Technology for Economic and Clinical Health Act (“HITECH”), which was enacted February 17, 2009 as part of the American Recovery and Reinvestment Act of 2009, Pub. L. 111-5. [more...]
[Learn More]
|
| FTC Delays Enforcement of Red Flags Rule Through December 31, 2010 To Give Congress Time To Exempt Certain Businesses From Rule’s Requirements |
May 28, 2010 |
|
Alert |
|
Security & Privacy Alert - May 28, 2010
SUMMARYThis morning, Friday, May 28, 2010, the Federal Trade Commission (FTC) announced that it was extending the deadline for enforcement of the Red Flags Rule through December 31, 2010, in order to give Congress sufficient time to amend the law to exclude certain businesses from application of the Rule. [continues... ]
[Learn More]
|
| Reminder: March 1, 2010 Deadline to Comply With Massachusetts Information Security Regulations Is Right Around the Corner |
Feb 17, 2010 |
|
Alert |
|
Security & Privacy Alert - February 17, 2010
SUMMARY
Businesses that have not adopted written information security programs to comply with the Massachusetts information security regulations have little more than a week to wrap up their compliance efforts. Monday, March 1, 2010 is the deadline set by the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) for businesses around the world that handle the personal information of Massachusetts residents to comply with the strict Massachusetts regulations.
[Learn More]
|
| New Deadline For Red Flags Rules: FTC Gives Businesses Until June 1, 2010 To Develop Compliant Identity Theft Prevention Programs |
Nov 2, 2009 |
Jeff Bone |
Alert |
|
Security & Privacy Alert - November 2, 2009
SUMMARYOn Friday, October 30, 2009, just two days before the Federal Trade Commission (FTC) was set to begin enforcement of federal Red Flags Rules, the FTC announced that it was giving businesses seven additional months, until June 1, 2010, to comply with the new identity theft regulations. ( more...) [Learn More]
|
| Massachusetts Regulators Propose Amendments to Information Security Regulations, Delay Enforcement Until March 1, 2010 |
Aug 18, 2009 |
Colin J. Zick |
Alert |
|
Security & Privacy Alert - August 18, 2009
SUMMARY
On Monday, August 17, 2009, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) indicated that it will be modifying some provisions of the strict Massachusetts information security regulations first promulgated last year, 201 CMR 17.00 et seq. Of most immediate concern to many businesses, OCABR will extend the deadline to comply with the regulations from January 1, 2010 to March 1, 2010.
(more...) [Learn More]
|
| Five Key Steps to Developing an Information Security Program |
Jul 17, 2009 |
|
eBook |
Download |
SUMMARY
Information security — the discipline of protecting information found in paper documents, electronic files and emails — has become increasingly important in business. As reports of identity theft, data breaches and cybercrime have become more common, government has begun to call on businesses, both large and small, to take on new responsibilities for protecting sensitive information.
Responding to the rising tide of damaging security incidents, the federal government and the majority of states have enacted laws and regulations requiring individuals and companies to adopt comprehensive information security programs to protect sensitive information. (more...) [Learn More]
|
| Last Minute Reprieve: FTC Gives Businesses Until August 1, 2009 to Adopt Identity Theft Prevention Programs To Comply With Federal Red Flags Rules |
May 1, 2009 |
|
Alert |
|
Security & Privacy Alert - May 1, 2009
SUMMARYOn Thursday, April 30, 2009, just 24 hours before the Federal Trade Commission (FTC) was set to begin enforcement of federal Red Flags Rules, the FTC announced that it was giving businesses three additional months, until August 1, 2009, to comply with the new identity theft regulations. The FTC also promises to provide a “template” for compliance directed to “entities that have a low risk of identity theft.” This announcement is welcome news for businesses that have been struggling to develop a compliant program by the end of the day today. [Learn More]
|
| New Health Information Privacy and Security Provisions in the American Recovery and Reinvestment Act of 2009 |
Feb 25, 2009 |
Colin J. Zick |
Alert |
|
Security & Privacy Alert - February 25, 2009
SUMMARY
Somewhat lost in the American Recovery and Reinvestment Act of 2009 (“ARRA”), among the hundreds of pages describing billions in stimulus spending and tax relief, are significant new health information privacy and security provisions. These provisions have the potential to impact every “covered entity” under HIPAA, including hospitals, physicians and health plans, as well as “business associates” who were not previously covered by HIPAA.
[Learn More]
|
| Massachusetts Gives Businesses Until January 1, 2010 to Adopt Information Security Programs To Comply With Recent Identity Theft Regulations |
Feb 13, 2009 |
|
Alert |
|
Security & Privacy Alert - February 13, 2009
SUMMARYOn Thursday, February 12, 2009, the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) issued a public statement indicating that it is extending the May 1, 2009 deadline to comply with recent Massachusetts identity theft regulations until January 1, 2010. [Learn More]
|