The Privacy and Security Law Blog has a nice article by Hunton & Williams LLP on the new European Parliament position on data breach notification requirement for telecoms and ISPs. As the authors note, “For the first time in EU law the amendments [to the e-Privacy Directive] introduce a definition of “personal data breach” and…
Category: Breach Laws
E.U. to Consider More Stringent Reporting of Data Breaches
Kevin O’Brien of The New York Times reports: The European Commission said Tuesday that it would pursue a new law that would require most businesses, agencies and organizations in Europe to notify consumers when they lose sensitive customer data. Viviane Reding, the European telecommunications commissioner, said the commission, the executive arm of the European Union,…
Security groups cautious about data security and file sharing bills
Gautham Nagesh of Nextgov reports on testimony to Congress concerning two bills in the current session: H.R.2221 (Data Accountability and Trust Act) and H.R. 1319 (Informed P2P User Act). Some of the concerns raised about H.R. 2221: According to David Sohn, senior policy counsel for the Center for Democracy and Technology, most states have already…
FTC Will Grant Three-Month Delay of Enforcement of ‘Red Flags’ Rule Requiring Creditors and Financial Institutions to Adopt Identity Theft Prevention Programs
From the FTC’s press release: The Federal Trade Commission will delay enforcement of the new “Red Flags Rule” until August 1, 2009, to give creditors and financial institutions more time to develop and implement written identity theft prevention programs. For entities that have a low risk of identity theft, such as businesses that know their…
Rush introduces breach notification bill in House
Yesterday in Congress, Rep. Bobby Rush (D-IL) introduced H.R. 2221, co-sponsored by Reps. Stearns (R-FL), Barton (R-TX), Schakowsky (D-IL), and Radanovich (R-CA). The text of the bill is not yet available online, but it was introduced as “A bill to protect consumers by requiring reasonable security policies and procedures to protect computerized data containing personal…
HHS offers health IT privacy guidelines
Brian Robinson reports in Government Health IT: The Health and Human Services Department has begun overhauling the privacy and security rules that govern personal health information, which is considered vital to attempts by Congress and the Obama administration to broaden the adoption of electronic health records. HHS published guidance on April 17 that outlines the…