On November 13, 2020, the UK Information Commissioner’s Office fined Ticketmaster UK Limited £1.25 million for failing to keep its customers’ personal data secure.
Continue Reading ICO Fines Ticketmaster 1.25 Million Pounds for Security Failures
Penalty
UPDATE: Zoom Settles with FTC Over Deceptive Security Claims
On November 9, 2020, the Federal Trade Commission announced it had entered into an consent agreement with Zoom Video Communications, Inc. to settle allegations that the video conferencing provider engaged in a series of unfair and deceptive practices that undermined the security of its user base, which, according to the FTC, has grown from 10 million users in December 2019 to 300 million in April 2020 during the COVID-19 pandemic.…
Continue Reading UPDATE: Zoom Settles with FTC Over Deceptive Security Claims
ICO Fines Marriott International £18.4 Million for Security Breach
On October 30, 2020, the UK Information Commissioner’s Office announced its fine of £18.4 for Marriott International, Inc., for violations of the GDPR, a significant decrease from the proposed fine of £99,200,396 announced in July 2019.…
Continue Reading ICO Fines Marriott International £18.4 Million for Security Breach
ICO Issues Enforcement Notice Against Experian
On October 27, 2020, the UK Information Commissioner’s Office published its enforcement notice against credit reference agency Experian Limited under Section 149 of the Data Protection Act 2018.…
Continue Reading ICO Issues Enforcement Notice Against Experian
ICO Fines British Airways 20 Million Pounds for Security Breach
On October 16, 2020, the UK Information Commissioner’s Office announced its fine of £20,000,000 for British Airways for violations of the GDPR, which is a significant decrease from the proposed fine of £183,390,000 from July 2019. …
Continue Reading ICO Fines British Airways 20 Million Pounds for Security Breach
ICO Launches Consultation on Its Draft Statutory Guidance
On October 1, 2020, the UK Information Commissioner’s Office launched a public consultation on its draft Statutory Guidance, which provides an overview of the ICO’s powers and how it intends to regulate and enforce data protection legislation in the UK, including its approach to calculating fines.…
Continue Reading ICO Launches Consultation on Its Draft Statutory Guidance
Hamburg DPA Imposes Fine of 35.3 Million Euros on H&M
On October 1, 2020, the Hamburg Data Protection Authority fined H&M € 35.3 million for unlawful employee monitoring practices in the company’s service center concerning several hundred employees.…
Continue Reading Hamburg DPA Imposes Fine of 35.3 Million Euros on H&M
42 States and District of Columbia Enter into $39.5 Million Agreement with Anthem to Settle Breach-Related Claims
On September 30, 2020, Anthem, Inc., entered into an assurance of voluntary compliance with the attorneys general of 42 states and the District of Columbia to resolve claims under state and federal law relating to Anthem’s 2015 data breach of personal information and protected health information, the largest breach of PHI in history.…
Continue Reading 42 States and District of Columbia Enter into $39.5 Million Agreement with Anthem to Settle Breach-Related Claims
OCR Settles with Orthopedic Clinic for $1.5 Million for Alleged HIPAA Noncompliance
On September 21, 2020, the U.S. Department of Health and Human Services Office for Civil Rights announced a $1.5 million settlement with Athens Orthopedic Clinic PA for alleged violations of the HIPAA Privacy and Security Rules.…
Continue Reading OCR Settles with Orthopedic Clinic for $1.5 Million for Alleged HIPAA Noncompliance
OCR Settles Five More Investigations Under HIPAA Right of Access Initiative
On September 15, 2020, the U.S. Department of Health and Human Services’ Office for Civil Rights announced five more settlements under its HIPAA Right of Access Initiative.…
Continue Reading OCR Settles Five More Investigations Under HIPAA Right of Access Initiative