Privacy Compliance & Data Security Blog

Privacy compliance and electronic data security affect almost every business. Data breach prevention is essential. Fox Rothschild's Privacy Compliance & Data Security Blog will help readers navigate through the policies and best practices of data breach response. The Blog covers topics including compliance with data protection laws and regulatory enforcement and litigation as well.

Recent Blog Posts

  • Measuring the Impact of the Illinois Biometric Information Privacy Act Jeffrey L. Widman writes: In 2008, the Illinois legislature enacted the Illinois Biometric Privacy Act, 740 ILCS 14/1 et seq. (“BIPA”) to provide standards of conduct for private entities in connection with the collection and possession of “biometric identifiers and information.” BIPA regulates the collection, use, safeguarding, handling, storage, retention and destruction of such biometric identifiers. Biometric identifiers include retina and iris scans, fingerprints, voiceprints, and scans of hands and faces. It does not include writing samples, signatures, photographs, physical descriptions... More
  • Interview of Brian Tu, Digital Media Industry Leader On Fox’s Above the Fold blog, associate Eric Bevan interviewed Brian Tu, an experienced digital media industry leader. We invite you to read his insights on trends in privacy and technology as it relates to online advertising. Interview of Brian Tu, Digital Media Industry Leader ... More
  • Add Digital Photocopiers to Your Cybersecurity Checklist Office copiers retain data on the files they process – securing that data is a must. Digital copiers pose many of the same cybersecurity risks associated with computers. This is so because they’re also computers. Data thieves know that office copiers run on “smart” technology with hard drives that store information about printed, copied and scanned documents – a potential trove of sensitive data.  What steps should businesses take to protect the data across a copier’s lifecycle?  The Federal Trade Commission... More
  • Facebook Loses Bid to Keep Data Transfer Dispute Out of EU Court of Justice Facebook has failed to prevent its feud with an Austrian privacy activist over the legality of two widely used mechanisms for transferring data between the European Union and the U.S., from reaching the EU Court of Justice. In a May 2nd ruling, the Irish High Court sided with activist Max Schrems and the Irish Data Protection Commissioner, rejecting Facebook’s request to stay the court’s October 2017 referral of the case to the EU Court of Justice to give the company time... More
  • By Pivoting, Major Tech Companies Could Benefit From Increased Data Regulation Data-rich companies like Facebook have a unique opportunity to capitalize on the recent surge in regulatory scrutiny and turn it to their advantage. Savvy tech companies are attuned to public opinion and won’t allow others to control the narrative. They are already taking steps to regain the upper hand in the privacy debate. Facebook demonstrated this during Senate hearings on the Cambridge Analytica “data breach” by announcing it would upgrade privacy features and offer its users protections that mirror those in the... More
  • Top Cybersecurity Pros Deliver Insights at Fox’s Inaugural Privacy Summit In a daylong Privacy Summit at Citizens Bank Park in Philadelphia, the co-chairs of Fox Rothschild’s Privacy & Data Security practice group led a series of panel discussions with leading cybersecurity professionals and government officials. Elizabeth Litten moderating “Looking Inward: Risk Management Part I” Fox partner Elizabeth Litten, who serves as Fox Rothschild’s HIPAA Privacy & Security Officer, and partner Mark McCreary, the firm’s Chief Privacy Officer, moderated a two-part panel series examining cyber risk management for protecting company data. The first... More
  • Fox Rothschild Survey Shows Top Execs Know Cyber Risks, But Fall Short on Prevention Many company leaders appear to understand and recognize cyber threats, but far too few have implemented vital defenses. In the fourth quarter of 2017, we spearheaded a sweeping, cross-industry survey of chief executives to gauge corporate cybersecurity preparedness. The results revealed important organizational issues. The survey showed C-suite corporate leaders know their companies’ data is at risk but are not taking adequate measures to protect that data. Awareness: More than half of C-level officers recognized their companies were at high or very high... More
  • Cross-Border Transfers of Personal Data in Light of GDPR The European General Data Protection Regulation (GDPR) comes into force on May 25, 2018.  This gives companies only two months to prepare for and comply with the GDPR. Companies should be conducting data mapping to identify all cross-border transfers of personal data so that they can determine the best way to comply with the GDPR requirements. The GDPR has been, perhaps, the most widely talked about privacy regulation for the past year and a half after it was approved by the... More
  • Cambridge Analytica “Data Breach” Poses Real Risks for Facebook Recent news that Facebook has suspended research firm Cambridge Analytica for improperly collecting users’ personal data without their knowledge may not constitute a classic “data breach,” but it poses real risks for the popular social media platform. Fox Rothschild Partner Scott Vernick, founder of the firm’s Privacy & Data Security Practice, discussed the implications for Facebook, and the next steps the company should take, in an interview with the TD Ameritrade Network. “Consumers do select companies and want to do business with... More
  • Health and Human Services’ OCR Chief: No Slowdown in HIPAA Enforcement Roger Severino, director of the Department of Health and Human Services’ Office of Civil Rights, told HIMSS18 conference attendees this week that he plans no slowdown in HIPAA enforcement. “I come from the Department of Justice Office for Civil Rights; I bring that mindset to OCR. We’re still looking for big, juicy egregious cases” for enforcement, Severino said, according to this report in Data Breach Today. That doesn’t mean smaller companies should assume they are off the radar, he added. He said 2017... More