Header graphic for print
HL Chronicle of Data Protection Privacy & Information Security News & Trends

Tag Archives: data security breach

Posted in Cybersecurity & Data Breaches

ABA Commission Proposes Ethics Rule Requiring Adequate Data Security

The American Bar Association (ABA) is proposing to make clear that the protection of a client’s data is an ethical responsibility of lawyers. The Commission on Ethics 20/20 of the American Bar Association recently released its Report to the House of Delegates recommending several modifications to the ABA Model Rules of Professional Conduct regarding lawyers’ use of technology and protection of client confidences, including a Rule that requires lawyers to make reasonable efforts to prevent the inadvertent or unauthorized disclosure of, or unauthorized access to information relating to the representation of a client.

Posted in International/EU Privacy

France Implements EU Requirements for Data Breach Notification, Audits and Cookies Applicable to Electronic Communications Service Providers

On August 26, 2011 France implemented new EU provisions on data breach notifications for electronic communications providers, as well as new provisions requiring prior consent for cookies. The French measure also gives the government power to order security audits for electronic communications providers.

Posted in Cybersecurity & Data Breaches

Short Guide to Responding to Data Security Breaches

The recent effective data for enforcement of the new HIPAA/HITECH data-security breach notification law, and continued passage of and amendments to state notification laws, make compliance with data-security breach notification requirements more challenging than ever.
The H&H Chronicle of Data Protection thought it would be useful to provide this Short Guide to Responding to Data Security Breaches as a refresher for some and as a wake-up call for others.

Posted in Cybersecurity & Data Breaches

New Class of Data Security Breach Plaintiffs Possible If Maine Supreme Court Rules That Economic Harm Not Required

“Do time and effort alone, spent in a reasonable effort to avert reasonably foreseeable harm, constitute a cognizable injury under Maine common law?” That is the question a federal district judge in Maine has put to the Maine Supreme Court in the data security breach litigation involiving Hannaford Brothers. “If the Maine Law Court’s answer to the certified question on the cognizable harm issue favors the plaintiffs, the plaintiffs will have both a negligence claim and an implied contract claim.” Such a development could have a profound impact on the vulnerability of companies experiencing data security breaches to civil claims, something they so far largely have avoided.