According to a recent article in Lawyers USA, small and middle market business owners are so jaded by the number of times the FTC has delayed enforcement of its Red Flags Regulations, they have pushed compliance to the back burner.  Tanya Forsheit, of InformationLawGroup, is quoted in the article as saying, “I suspect a lot of [...]

Here are just a few of the many network security and privacy (NSAP) headline incidents that have hit law firms over the years: “Employee at a Palo Alto law firm steals 90 laptops and 120 desktop computers and sells them” “Eighteen laptops stolen from the Orlando office of a major law firm” “Paralegal at a New York [...]

By now most have heard of the lady who fumed when a courtesy eight word e-mail response (“I hope everything is O.K.  Take your time.”) was billed by her attorney at $60 (.2 hours x $300 hourly rate).   Her experience left her asking one question:  “How does anyone treat people like this and still manage to stay in business?”  [...]

On April 12, 2010, Brokerage firm D.A. Davidson & Co. was hit by The Financial Industry Regulatory Authority (FINRA) with a $375,000 fine due to a 2007 data breach.    The breach potentially impacted 192,000 customers and involved social security numbers, dates of birth and other confidential information.  In what has been for years now a fairly  common occurrence, the firm [...]

On March 30, 2010, the New Jersey Supreme Court issued its opinion in Stengart v. LovingCare Agency, Inc., 2010 WL 1189458 (N.J. March 30, 2010).  This hotly anticipated ruling was a clear win for employee privacy rights.  It was also clearly the right decision given the facts.   In its decision, the Court affirmed the Appellate Court’s ruling that an [...]

In the March 2010 issue of CFO Magazine, there is an article that should serve as a wake-up call to those companies who think there is only upside to the current insurance soft market.  The author of the article puts things in proper perspective when he says: The soft market makes it tempting to just [...]

The Westin Bonaventure in Los Angeles is the latest publicly disclosed hotel hacker target.  Unfortunately, there are likely ten or more hotels hit this month that don’t even know about it.   For years now, the hospitality industry has been hit hard with malicious attackers looking to gain access by whatever means necessary – whether via point-of-sale (as they [...]

As of March 1, 2010, any company, organization, association or entity that has any sensitive personal information of a Massachusetts resident must now comply with a new law – Standards for the Protection of Personal Information of Residents of the Commonwealth (201 CMR 17.00).  This new law impacts an entity even if it is not [...]

In its sharpest defense to date, the Chinese Government – by way of its state-controlled media outlet, Zinhua News Agency - argues that it does not make sense to blame the recent corporate hacking incidents on the Chinese Government.   According to the February 24, 2010 People’s Daily article,  “China’s attitude toward cyber attacks has been unequivocal and has [...]

On February 22, 2010, as required by section 13402(e)(4) of the HITECH Act, the Office of Civil Rights (OCR) website posted a list of the covered entities that have reported breaches of unsecured protected health information affecting more than 500 individuals.  By posting this information on the OCR website, OCR has met its HITECH Act obligation, which required [...]