Tag Archives: Social Security Number

FTC Finalizes Settlements Relating to P2P Privacy Violations

On October 26, 2012, the Federal Trade Commission finalized its settlement agreements with two businesses that allegedly exposed thousands of customers’ sensitive personal information by allowing peer-to-peer file-sharing software to be installed on their company computer systems.… Continue Reading

FTC Settles Spying Case

On September 25, 2012, the Federal Trade Commission announced that it had settled a case involving allegations of spying by software company DesignerWare, LLC, and several rent-to-own companies that rented computers to consumers.… Continue Reading

FTC Announces Settlements Relating to P2P Data Breaches

On June 7, 2012, the Federal Trade Commission announced settlement agreements with two businesses for allegedly compromising the security of consumer personal information by allowing peer-to-peer file-sharing software to be installed on company computers. One of the companies also was charged with violations of the GLB Safeguards Rule and Privacy Rule.… Continue Reading

Minnesota AG Sues Debt Collection Agency for Health Privacy Violations

On January 19, 2012, Minnesota Attorney General Lori Swanson announced a lawsuit against Accretive Health, Inc., alleging that the debt collection company failed to adequately safeguard patients’ protected health information and violated HIPAA, the Minnesota Health Records Act, Minnesota’s debt collection statutes and Minnesota’s consumer protection laws.… Continue Reading

California Bulks Up Security Breach Notification Requirements

On August 31, 2011, California Governor Jerry Brown signed into law amendments to the state's security breach notification law; similar bills had been vetoed twice in the past by former Governor Schwarzenegger. As of January 1, 2012, entities will be required to notify the California Attorney General when a breach affects more than 500 California residents, and there will be specific content requirements for the notification provided to individuals. … Continue Reading

Massachusetts Information Security Regulations Take Effect on March 1, 2010

After several delays and revisions, the Massachusetts information security regulations, entitled “Standards for the Protection of Personal Information of Residents of the Commonwealth,” will take effect on March 1, 2010.  The regulations apply to entities that own or license personal information about Massachusetts residents.  “Personal information” is defined as a combination of a resident’s first … Continue Reading

Connecticut Attorney General Investigation Sheds Light on Meaning of “Unreasonable Delay” in Data Breach Context

On November 9, 2009, Connecticut’s Attorney General, Richard Blumenthal, announced an investigation of whether Blue Cross and Blue Shield (“BCBS”) violated Connecticut’s data breach notification law by waiting until two months after a data breach had occurred to notify affected Connecticut residents.  The data breach, which Attorney General Blumenthal called “one of the most sizable … Continue Reading