An announcement from the Personal Data Protection Commission of Singapore: The PDPC has updated Guide to Managing Data Breaches 2.0 (now known as the Guide on Managing and Notifying Data Breaches under the PDPA) with details of the mandatory data breach notification requirement under the PDPA. Access the Guide here. The Guide on Active Enforcement has…
Category: Breach Laws
CIPL Submits Response to the EDPB Guidelines on Examples Regarding Data Breach Notification
Hunton Andrews Kurth writes: On March 2, 2021, the Centre for Information Policy Leadership (“CIPL”) at Hunton Andrews Kurth submitted its response to the European Data Protection Board (“EDPB”) consultation on draft guidelines on examples regarding data breach notification (the “Guidelines”). The Guidelines were adopted on January 14, 2021 for public consultation. The EDPB’s Guidelines are intended to provide concrete personal…
Et tu, Canada? Evidence of Harm Required To Advance Class Action Following Data Breach
Ranjan Agarwal, Keely Cameron, J. Sébastien A. Gittens, and Justin Lambert of Bennett Jones write: Court of Queen’s Bench of Alberta, in Setoguchi v Uber B.V., 2021 ABQB 18, recently dismissed an application for certification of a proposed class action resulting from a data breach because there was no evidence of harm or loss. This class…
At House SolarWinds hearing, bipartisan lawmakers announce breach disclosure bill
Joe Uchill reports: At a joint hearing of the House Oversight and Homeland Security Committee about the SolarWinds-related espionage campaign, Rep. Michael McCaul, R-Texas, said that he and Rep. Jim Langevin, D-R.I., are working on legislation to require companies to notify the federal government after similar breaches. The Friday House hearing was the second hearing of…
HITECH Amendment Provides Some Protection For Covered Entities and Business Associates that Adopt Recognized Security Standards
Anna D. Kraus, Libbie Canter, Tara Carrier, and Olivia Vega of Covington & Burling write: On January 5, 2021, an amendment to the Health Information Technology for Economic and Clinical Health (“HITECH”) Act was signed into law. The amendment requires the U.S. Department of Health and Human Services (“HHS”) to “consider certain recognized security practices of covered…
HIPAA Enforcement by State Attorneys General
HIPAA Journal has a nice recap of of HIPAA enforcement actions by states attorney general. You can read it here.