Jordan Weissmann writes: Fresh off the American Bar Association’s success fending off the application of new anti-identity theft regulations to lawyers, a trade group representing certified public accountants has filed its own lawsuit over the rules. The American Institute of Certified Public Accountants, represented by Fried, Frank, Harris, Shriver & Jacobson partners Daniel Loeb and…
Category: Legislation
Federal Data Security Law: ‘Careful What You Wish For’
Bill Brenner writes: A federal cybersecurity law edged closer to reality late last week when the Senate Judiciary Committee approved a bill to protect the personal data of Americans. The bill is a bipartisan effort sponsored by Chairman Patrick Leahy, D-Vt., and co-sponsored by former Chairman Orrin Hatch, R-Utah, that would, among other things, force…
Senate Panel Clears Data Breach Bills
Eric Chabrow reports: The Senate Judiciary Committee Thursday approved two companion bills that would require businesses and government agencies to notify individuals of security breaches involving sensitive personally identifiable information. Both bills go to the Senate for consideration. The Personal Data Privacy and Security Act, or S. 1490, designates as fraud unauthorized access of sensitive…
EU: Telcos’ data breach notification amendment is passed
From Out-Law.com: The European Council has approved a data breach notification rule for Europe’s telecoms firms. The amendment to an EU Directive will force telcos to tell customers if they lose their data. The European Parliament and Commission have already approved the amendments, which will become law after it has been published in the EU’s…
FTC extends enforcement deadline for Red Flags rule to 2010
From the why-am-I-not-surprised dept: At the request of Members of Congress, the Federal Trade Commission is delaying enforcement of the “Red Flags” Rule until June 1, 2010, for financial institutions and creditors subject to enforcement by the FTC. The Rule was promulgated under the Fair and Accurate Credit Transactions Act, in which Congress directed the…
Coalition for Patient Privacy Calls on HHS to Repeal the Breach Notification Rule
The Coalition for Patient Privacy urges the Department of Health and Human Services to revise and repeal the interim final rule (IFR) establishing requirements for notification of breaches of unsecured protected health information. “We are dismayed and disappointed with the IFR, particularly with the inclusion of a ‘harm standard’. HHS went far beyond the intent…