PH Privacy

Cyber Threats for UK and US Healthcare Organisations: A Joint Advisory Update
Further to our recently published article, the NCSC and CISA have published another joint advisory detailing the ongoing COVID-19 related criminal cyber attacks (the “Advisory”).
Timeline for Selected Global Privacy Compliance Activities in Light of COVID-19
As COVID-19 continues to disrupt business operations and compel a significant shift to a remote work environment for companies globally, both industry and government interests continue to consider – and selectively revise – their approach to the rapidly changing privacy landscape. Specifically, privacy-related legislation has become an increased point of focus, with various proposals to change the implementation and enforcement of certain jurisdictional deadlines.
PH COVID-19 Client Alert Series: Relaxation of HIPAA Restrictions in the COVID-19 Era
As the nation races to identify treatments and a vaccine for COVID-19, enforcement of the privacy strictures of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) has been relaxed. In March, 2020, the Office for Civil Rights (“OCR”) at the U.S. Department of Health and Human Services (“HHS”) announced that OCR would exercise enforcement discretion to not impose penalties for HIPAA violations against healthcare providers treating patients through commonly used social media apps.
COVID-19: Business as Usual for Data Privacy Compliance in the UK and the EU?
COVID-19 has undoubtedly already had a massive effect on businesses: it has affected how they operate, where they operate and, in some unfortunate instances, whether they operate at all. But has it affected how they comply with the law?
PH COVID-19 Client Alert Series: Location Privacy in a Crisis—Considerations for Businesses
The fight against COVID-19 has gone mobile. Israel has approved emergency regulations to use smartphone location histories to warn people about potential COVID-19 exposure and enforce self-quarantines. South Korea’s epidemiological surveys are using individual GPS data to confirm interview details and notify the public of confirmed cases through mobile alerts. There are press reports of the Trump Administration exploring the value of location data in combating the spread of the virus.
PH COVID-19 Client Alert Series: The Cybersecurity Implications of an Entire Organization Working from Home
As organizations continue to monitor the Coronavirus (“COVID-19”), many have announced work-from-home (“telework”) policies to mitigate the spread of the outbreak. The scope and speed at which entire workforces have gone remote pose complex challenges for organizations that may not be prepared for, nor maintain the hardware or software to accommodate, a wholly remote operation. Most companies were not built for this, and need to ensure their surge migration to remote working is executed securely.
PH COVID-19 Client Alert Series: Data Protection Issues
In taking steps to protect their businesses and workforces from COVID-19, companies must be mindful that employee health and medical information is subject to privacy protections. We outline below the U.S. legal framework and how it applies to likely workplace scenarios involving COVID-19. We also highlight a disturbing rise in fraud schemes preying on employee concern over COVID-19, mostly involving phishing scams.
Proposed Rules: California Releases Much Anticipated Revisions to CCPA Regulations
The California Attorney General has issued long-awaited modified proposed regulations (“Proposed Rules”) implementing the California Consumer Privacy Act of 2018 (“CCPA”) on February 7 and February 10, 2020, which contain a number of material modifications to the previously released October 2019 draft regulations.
The U.S. Federal Trade Commission Articulates a Strengthened Approach to Data Security Orders
In a January 6, 2020 blog post, Director of the Federal Trade Commission (“FTC”) Bureau of Consumer Protection, Andrew Smith, outlined the agency’s evolving approach toward data security enforcement, as evidenced by seven data security orders issued in 2019.
Has the Advocate General Just Given Many Businesses an Early Christmas Present?
In a press release issued this morning, Advocate General Saugmandsgaard Øe, has confirmed that, in his opinion, the Court of Justice of the European Union (“Court of Justice”) should declare the Commission Decision (2010/87/EU) on standard contractual clauses (“SCCs”) for the transfer of personal data to processors established in third countries as valid.
1 2 3 4 5 6 7 >