Monthly Archives: June 2011

PCI Security Council Releases Standards Guidance for Virtual Environments

Over half of the companies surveyed by Trend Micro in May 2011 reported having cloud computing services being developed, implemented, or already in production.  The survey also reports that security concerns continue to be a primary reason companies are holding back their adoption of cloud computing.  The security concerns related to virtual environments are heightened … Continue Reading

New Texas Health Care Privacy Law

Texas Governor Rick Perry just signed a law protecting patients’ data in electronic health records and increasing penalties for violation of the health care privacy laws. In what was a heated legislative session, this bill passed both houses without opposition, signaling widespread support for a stronger stance on protecting patients’ health information. The new law … Continue Reading

Personal Information is Not Property Under California Unfair Competition Law

On May 12, 2011, a California federal court dismissed substantive claims in a class action privacy lawsuit against Facebook.  The plaintiffs alleged eight causes of action under federal and state law, claiming that Facebook shared users’ personal information with advertisers without the users’ consent.  Although the judge found that the plaintiffs had standing to bring … Continue Reading

Supreme Court Finds Vermont Data Mining Law Unconstitutional

The U.S. Supreme Court released its decision today in Sorrell v. IMS Health Care, Inc., a case concerning the constitutionality of a Vermont statute that prohibited pharmacies from selling or disclosing prescriber-identifying information taken from prescriptions for marketing purposes.  The challenge to the statute was made by data mining companies.  The Supreme Court stated that … Continue Reading

Practicing Law Institute Explores Key Considerations in Cloud Vendor Agreements

One of the most significant trends in technology is the growing acceptance of cloud computing. Cloud computing is the on-demand network access to a shared pool of computing resources which can be rapidly deployed or contracted.  Many companies are using the cloud computing model to offer their proprietary software as a service (SaaS) which can … Continue Reading

Proposed Rule Would Change HIPAA Accounting of Disclosures – Covered Entities Will Continue to Face Significant Technical Challenges

On May 31, 2011, the U.S. Department of Health and Human Services (HHS) published a proposed rule adopting sweeping changes to the “accounting of disclosures” requirement under 45 C.F.R. § 164.528 that likely are to have a significant impact on the health information technology (HIT) systems being implemented by many healthcare providers, health plans (including … Continue Reading

Sony & Epsilon Support National Data Breach Notice Law in Testimony Before House Subcommittee

On June 2, 2011, representatives from Sony Network Entertainment International and Epsilon Data Management, LLC appeared before a House panel to answer questions regarding their responses to recent security breaches.  The hearing of the House Energy and Commerce Subcommittee on Commerce, Manufacturing, and Trade was called by Subcommittee Chairwoman Mary Bono Mack (R-Calif.) as part … Continue Reading

California Social Networking Privacy Act Stalls

California SB 242 (Social Networking Privacy Act), which we covered here, would require social networking websites to design default privacy settings that prevent information about a user from being displayed without affirmative consent from the user.  On May 27, 2011, the bill failed to receive enough votes to pass the California Senate.      The bill faced … Continue Reading