Tag Archives: Enforcement

Finalized New York Department of Financial Services Cybersecurity Regulation to Take Effect March 1

On February 16, 2017, the New York Department of Financial Services (NYDFS) announced the release of its finalized Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulation”), which will take effect on March 1, 2017. This final iteration, issued following an additional 30-day comment period, is in large part the same as the revised version dated … Continue Reading

FTC Goes After IoT Device Manufacturer for Alleged Security Vulnerabilities in Routers, IP Cameras

On January 6, the Federal Trade Commission (FTC) announced that it had filed a complaint against Taiwanese D-Link Corp. and its U.S. subsidiary, D-Link Systems Inc. (D-Link), alleging the company made deceptive claims about the security of its products and engaged in unfair practices that put U.S. consumers’ privacy at risk. The case is noteworthy for … Continue Reading

New York Department of Financial Services Issues Revised Cybersecurity Regulations

With the clock ticking down to the new year, on December 28, 2016, the New York State Department of Financial Services (NYDFS) released highly anticipated revisions to its proposed Cybersecurity Requirements for Financial Services Companies (the “Proposal”). As we previously reported, the NYDFS first announced the proposed regulations in September; at that time, they were … Continue Reading

FTC Settles with Ad Tech Company Over Deceptive Online Tracking Practices

On December 20, 2016, the Federal Trade Commission (FTC) announced that Turn Inc. agreed to settle charges that it misled consumers about its online tracking activities and failed to honor consumer opt-outs as described in its privacy policy. Background Turn is a digital advertising company that facilitates targeted marketing by commercial brands and ad agencies … Continue Reading

Federal Trade Commission Joins with Industry Experts to Provide Start-Ups and Developers with Practical Advice at “Start with Security” Conference

The FTC has a history of offering practical advice to organizations and consumers to protect against security threats and related concerns, and is continuing this practice with the upcoming – and very first – “Start with Security” conference, taking place at the University of California’s Hastings College of the Law on September 9, 2015. The … Continue Reading

HHS Attorney: Major HIPAA Fines and Enforcement Coming

As regularly blogged about on the Data Privacy Monitor, the past 12 months have seen record-breaking HIPAA enforcement activity by HHS OCR.  But according to recent remarks by a high-ranking HHS attorney, if you thought these past 12 months were significant, just wait for the next 12 months. According to Law360, Jerome B. Meites, Chief … Continue Reading

OCR Settles Potential HIPAA Violations with County Government for $215,000

Co-Authored by Charles K. Shih. To start 2014, the Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued its first resolution agreement of the year and its first settlement with a county government – signaling that even local and county governments, regardless of size, must safeguard the privacy and security of patient … Continue Reading

FTC Releases Complaint Alleging LabMD Failed to Protect Consumer Privacy

Authorship credit:  Tina U. Amin FTC Complaint Alleges Disclosure of Medical and Other Sensitive Information over Peer-to-Peer Network and Alleges Identity Thieves may have Obtained Sensitive Information In August 2013, the Federal Trade Commission filed a petition in federal court to investigate Atlanta based medical testing laboratory LabMD, Inc. on suspicion that the company failed … Continue Reading

Health Plan Settles HHS OCR Investigation Related to Photocopier Breach for $1.2m

The Department of Health and Human Services Office for Civil Rights (HHS OCR) today announced its 4th resolution agreement of 2013.  Affinity Health Plan, Inc., a not-for-profit managed care plan serving the New York metropolitan area, has agreed to settle potential violations of the HIPAA Privacy and Security Rules for $1,215,780.  The resolution agreement relates … Continue Reading
LexBlog