The House Committee on Oversight and Government Reform will be holding a hearing next Thursday morning, July 24: The Federal Trade commission and Its Section 5 Authority: Prosecutor, Judge, and Jury No details are available yet as to who the witnesses will be, so check back next week. Those interested in the topic may wish…
Category: Of Note
Vermont Attorney General Fines Local Business For Failing To Notify Consumers Of Security Breach
Shelburne Country Store in Shelburne, Vermont will pay a $3,000 civil penalty for failing to inform 721 internet buyers of a security breach of their credit card information. In late 2013, the company’s website was hacked and credit card information stolen. Upon being informed of the breach in January 2014, the company quickly fixed the problem, but…
NJ district court certifies two issues for interlocutory appeal in FTC v. Wyndham
In April, Judge Esther Salas denied Wyndham’s motion to dismiss the FTC’s complaint stemming from what the FTC alleges were unreasonable data security practices that put consumers at risk of harm. The FTC’s complaint was brought under Section 5 of the FTC Act, and Wyndham had challenged their authority to enforce data security as well as their…
Radiologist bypasses billing system computer security and acquires 97,000 patients’ info from NRAD Medical Associates – Update 4
Posting this here temporarily as phiprivacy.net is experiencing some problems. Usually when I see an envelope from NRAD Medical Associates, P.C. in my mail, it concerns a radiology bill or insurance matter following services there. But today, I opened the envelope to find a breach notification. Their notification, signed by their president, vice-president, and secretary-treasuresr, begins with the now somewhat…
NYC parents of school children: wake up and speak up to protect your child’s information!
Several years ago, I wrote to the NYC Comptroller’s Office and asked them to re-audit the NYC Department of Education on information technology/data security. To my knowledge, they haven’t done so. If you are a parent of a student in the NYC schools, this should concern you because the previous audit and two re-audits showed…
Canada: Stolen Customer Data Results In Ontario’s First Certified Privacy Class Action
Michael J. Paris of Bennett Jones LLP writes: Businesses that collect personal information have an added incentive to monitor employees handling customer data – Ontario’s first class action arising from the new tort of “intrusion upon seclusion” was certified last week.1 In Evans v Bank of Nova Scotia, the plaintiffs sought to certify a class action…