Privacy Compliance & Data Security Blog

http://dataprivacy.foxrothschild.com/

Mark is an author of the firm's Privacy Compliance & Data Security Blog. This blog helps readers navigate through the policies and best practices of data breach response and covers topics such as compliance with data protection laws and regulatory enforcement and litigation as well.

Recent Blog Posts

  • Is Your Business in Compliance with the Illinois Biometric Information Privacy Act A number of employers in Illinois are involved in pending class action litigation regarding violations of the Illinois Biometric Information Privacy Act, 740 ILCS 14/1, et seq. (the “BIPA”). The BIPA, which was enacted in 2008, addresses the collection, use and retention of biometric information by private entities. Any information that is captured, stored, or shared based on a person’s biometric identifiers, such as fingerprints, iris scans, or blood type, is considered “biometric information.” The Illinois Legislature enacted the BIPA... More
  • Upcoming CLE (Chicago): Staying One Step Ahead: Developments in Privacy and Data On Tuesday, November 7th from 2:00 to 6:30, Fox Rothschild and Kroll will be presenting the CLE: Staying One Step Ahead: Developments in Privacy and Data.  The CLE will take place at Fox Rothschild’s offices at 353 N. Clark Street in Chicago.  The speakers are Bill Dixon from Kroll, and Dan Farris and Mark McCreary from Fox Rothschild.  Cocktails and networking will follow the presentations. If you are in the Chicago are on November 7th, I hope you will join us.  Click here... More
  • Upcoming Webinar: Can’t Touch That: Best Practices for Health Care Workforce Training on Data Security and Information Privacy Elizabeth Litten (Fox Rothschild Partner and HIPAA Privacy & Security Officer) and Mark McCreary (Fox Rothschild Partner and Chief Privacy Officer) will be presenting at the New Jersey Chapter of the Healthcare Financial Management Association on August 30, 2017, from 12:00-1:00 pm eastern time.  The presentation is titled: “Can’t Touch That: Best Practices for Health Care Workforce Training on Data Security and Information Privacy.” This webinar is a comprehensive review of information privacy and data security training, with an emphasis on... More
  • CMS Suggests Five Ways for Healthcare Providers to Prepare for New Medicare Cards Eric Bixler has posted on the Fox Rothschild Physician Law Blog an excellent summary of the changes coming to Medicare cards as a result of the Medicare Access and CHIP Reauthorization Act of 2015.  Briefly, Centers for Medicare and Medicaid Services (“CMS”) must remove Social Security Numbers (“SSNs”) from all Medicare cards. Therefore, starting April 1, 2018, CMS will begin mailing new cards with a randomly assigned Medicare Beneficiary Identifier (“MBI”) to replace the existing use of SSNs.  You can... More
  • After the “WannaCrypt / WannaCry / WCry” Malware, Microsoft Pushes Update to Current and Unsupported Versions of Windows Yesterday we witnessed new ransomware spread across the world with incredible speed and success, bringing businesses to their knees and home users learning for the first time about ransomware and why computer backups are so important. With over 123,000 computers infected, experts believe the “WannaCrypt/WannaCry/WCry” attacks have stopped after researchers registered a domain that the software checks before encrypting.  However, nothing is stopping someone from revising the software to not require that check and releasing it into the wild.  In other... More
  • $2.5 Million Settlement Shows That Not Understanding HIPAA Requirements Creates Risk In one of the best examples we have ever seen that it pays to be HIPAA compliant (and can cost A LOT when you are not), the U.S. Department of Health and Human Services, Office for Civil Rights, issued the following press release about the above settlement.  This is worth a quick read and some soul searching if your company has not been meeting its HIPAA requirements. FOR IMMEDIATE RELEASE  April 24, 2017 Contact: HHS Press Office  202-690-6343  [email protected]  $2.5 million settlement shows that not understanding HIPAA... More
  • Don’t Get Caught in ‘Phishing Season’ With tax season in full swing, a different season is impacting businesses across all industries: “phishing season.” Copyright: fberti / 123RF Stock Photo “Phishing” or “spear phishing” refers to cyberattack scams that target certain individuals within an organization with the hope of gaining access to valuable information. These scams take advantage of the busy tax season, the desire to promptly respond to purported upper management and social engineering employees in order to target and trick only employees with immediate access to sensitive employee... More
  • The Data is In… Privacy Internet Lawsuits are Out The “new age” of internet and dispersed private data is not so new anymore but that doesn’t mean the law has caught up.  A few years ago, plaintiffs’ cases naming defendants like Google, Apple, and Facebook were at an all-time high but now, plaintiffs firms aren’t interested anymore.  According to a report in The Recorder, a San Francisco based legal newspaper, privacy lawsuits against these three digital behemoths have dropped from upwards of thirty cases in the Northern District of... More
  • Privacy Policies Matter… Whether You Read Them Or Not New innovations come hand in hand with new privacy issues.  Privacy policies may seem like a last minute add-on to some app developers but they are actually an important aspect of an app.  Data breaches are an imminent risk and a business’s first defense to potential problems is a privacy policy. Fordham University in New York hosted its Ninth Law and Information Society Symposium last week where policy and technology leaders came together to discuss current privacy pitfalls and solutions.  Joanne... More
  • A Dream or A Nightmare? How the FCC’s Addition of Vague Robocall Rules to the TCPA May Increase Litigation and Issues for Businesses The freedom from automated calls at random hours of the evening may seem like the true American dream these days as more and more companies rely on these calls to reach out and communicate with customers.  Unfortunately, now that the Federal Communications Commission (“FCC”) voted to expand the Telephone Consumer Protection Act (“TCPA”) to include stringent yet vague restrictions on telemarketing robocalls, it may not be a dream for everyone.  In June of this year, in a 3-2 vote, the... More