As explained in a recent post published on Squire Patton Bogg’s Anticorruption Blog, the DOJ is pursuing providers who submit false claims under the electronic health records initiative. This enforcement action should serve as a reminder to examine carefully attestations of EHR compliance, including the requirement to complete a HIPAA-required security risk assessment.…

SECURITY & PRIVACY // BYTES

CCPA’s Applicability

By Squire Patton Boggs on June 12, 2019

The California Consumer Privacy Act (“CCPA”), the most expansive state privacy law in US history, will take effect on January 1, 2020. Our team will share with readers a series of alerts on the major elements of the CCPA. The first in the series – The California Consumer Privacy Act Series – Part 1: Applicability – focuses on the Act’s applicability, including who it will affect, personal information as defined by the CCPA, and the…

SECURITY & PRIVACY // BYTES

Are DPOs the Best Solution?

By Asel Ibraimova & Emma Yaltaghian on May 29, 2019

On 30 April, Squire Patton Boggs and the Digital Policy Alliance held an event entitled “Data Governance Under the GDPR: Are DPOs the Best Solution?” The aim of the session was to explore different approaches to the management of tasks involved in data governance, data protection and compliance, and the advantages and disadvantages of having a Data Protection Officer (‘DPO’). Following a scene-setting overview provided by Matthew Kirk, Senior Advisor at SPB, the discussion…

SECURITY & PRIVACY // BYTES

Will the CCPA be the New TCPA for Plaintiffs?

By Petrina McDaniel, Elliot Golding & Keshia Lipscomb on May 28, 2019

Last year, the California legislature enacted the California Consumer Privacy Act (the “CCPA”), which imposes key data privacy requirements on businesses collecting or storing data about California residents. The CCPA provides for civil penalties imposed by the California Attorney General (“AG”) and creates a private right of action for those residents impacted by a data breach. While the CCPA does not go into effect until January 1, 2020, businesses that will likely be subject to…

SECURITY & PRIVACY // BYTES

Did You Miss Our Recent CCPA webinar? Understanding and Preparing for the California Consumer Privacy Act

By Squire Patton Boggs on May 22, 2019

We have scheduled a make-up session with CLE for June 4, 2019 at 3p EST. Effective January 1, 2020, the California Consumer Privacy Act (CCPA) will impose burdensome GDPR-like transparency and individual rights requirements on almost every company that handles “personal information” regarding California residents, regardless of where the business is based. The Act will impact information regarding not only consumers, but also employees and business contacts.…

SECURITY & PRIVACY // BYTES

No More Games! The CNIL Publishes its 2018 and 2019 Activity Report

By Stephanie Faber on May 14, 2019

The CNIL blows the whistle for the end of the transition period. For the first time, the CNIL’s 2019 investigation program is not specific to an industry and potentially impacts controllers and processors throughout all sectors of business. Going forward, the CNIL will also be more thorough and less lenient. 2019 Program Investigation program CNIL’s yearly investigation programs account for approximately one quarter of its investigations. This year’s program will focus on three major areas:…

SECURITY & PRIVACY // BYTES

Have You Paid Your Data Protection Fee?

By Charlotte Lister on May 5, 2019

The ICO has issued a penalty notice to over 100 organisations for failing to pay their data protection fee. Failing to pay this fee due to an innocent mistake may not be accepted as a viable excuse, as demonstrated by the recent judgement in Farrow & Ball Limited v The Information Commissioner (Dismissed) [2019] UKFTT 2018_0269 (GRC). Under the Data Protection (Charges and Information) Regulations 2018, UK organisations are required to pay the ICO an…

SECURITY & PRIVACY // BYTES

The Un-healthiness of the Australian Health Sector’s Data Security

By Margie Tannock, Connor McClymont & Charlotte Osborne on May 3, 2019

More than twelve months after the commencement of the Australian Notifiable Data Breach Scheme,[1] statistics published by the Office of the Australian Information Commissioner (OAIC) have begun to reveal trends present in the 812 notifiable data breaches recorded in Australia between 22 February and 31 December 2018. One key trend is the clear susceptibility of the health care industry, which suffered one fifth of all data breaches recorded in Australia throughout 2018, the highest…

SECURITY & PRIVACY // BYTES

The Czech Republic: GDPR Adaptation Legislation Becomes Effective

By Petra Věžníková on May 2, 2019

On Wednesday, April 24, 2019, the new data protection legislation was published in the Czech Collection of Laws and became effective. In doing so, the Czech Republic remedied its legislative deficiency, as it was one of the last EU states lacking the data protection adaptation legislation. (The overview of the current state of GDPR implementation in the Member States can be found here).…

SECURITY & PRIVACY // BYTES

EDPB Guidelines on Contract as a Legal Basis for Processing: No Hotchpotch Allowed!

By Stephanie Faber & Antoine Sullice on April 30, 2019

The European Data Protection Board (EDPB) has published draft guidelines on the “processing of personal data under the contractual legal basis in the context of the provision of online services to data subjects”. These guidelines are currently open to consultation.…

SECURITY & PRIVACY // BYTES

Global updates from our Data Privacy & Cybersecurity team

Blog Authors

DOJ False Claims Enforcement Remind Providers to Conduct HIPAA Security Risk Assessments

CCPA’s Applicability

Are DPOs the Best Solution?

Will the CCPA be the New TCPA for Plaintiffs?

Did You Miss Our Recent CCPA webinar? Understanding and Preparing for the California Consumer Privacy Act

No More Games! The CNIL Publishes its 2018 and 2019 Activity Report

Have You Paid Your Data Protection Fee?

The Un-healthiness of the Australian Health Sector’s Data Security

The Czech Republic: GDPR Adaptation Legislation Becomes Effective

EDPB Guidelines on Contract as a Legal Basis for Processing: No Hotchpotch Allowed!

Company

Support

New to the Network