It’s been almost 18 months since the Massachusetts Data Privacy Law went into effect. Belmont Savings Bank has become one of the first charged with violating the law. Belmont Savings Bank maintained personal information on an unencrypted backup data tape and then lost the tape. According to surveillance footage the tape was likely discarded inadvertently by [...]
Archive | Privacy RSS feed for this section
Is Your Copier in Compliance?
I remember the days of the mimeograph. In class people would inevitably sniff the newly printed pages. For a teacher, the danger was that the latent copy would fall into the wrong hands. Animal House highlighted that danger. Current day copiers are much more advanced than the mimeograph, but the dangers of the latent copy [...]
Data Privacy Day
Data Privacy Day is January 28, 2011. There have events throughout the week to inform and educate us all about our personal data rights and protections. Here are some key reminders: Never Post or Share Personal Information such as a date of birth, personal address, or maiden name because identity thieves now friend as many [...]
Dilbert on Employee Email Privacy
It looks like even Dilbert is keeping an eye on the Quon case at the Supreme Court.
Feds Release Usable Model Consumer Privacy Notice
There was much cheering when federal regulators finally released their Final Model Privacy Notice Form back in November. That was quickly followed by a gnashing of teeth when it turns out the regulators did not understand the concept of a form or how to use Adobe Acrobat. They merely created a static document that you [...]
N.J. Supreme Court upholds privacy of personal e-mails accessed at work
The New Jersey courts have been handling a case that squarely addressed a company’s ability to monitor employee email. Back in April of 2009, I mentioned a New Jersey case that found e-mail, sent during work hours on a company computer, was not protected by the attorney-client privilege: Compliance Policies and Email. That later was [...]
Data breach Sharing Framework
With the Massachusetts Data Privacy Law now in place (and presumably you are in compliance with it), you need to think about what to do if you have an incident. Verizon has published the Verizon Incident Sharing Framework to help. Our goal for our customers, friends, and anyone responsible for incident response, is to be [...]
Data Breaches and Knowledge Management
One of the features of the new Massachusetts Data Privacy Law is that it forces some knowledge management on companies in the context of data breaches. Since the law required compliance on or before March 1, 2010, I assume you already have the policy and safeguards in place. That is, if you have social security [...]
Today is the Deadline for the Massachusetts Data Privacy Law
March 1 is the compliance deadline for the Massachusetts Data Privacy Law. 201 CMR 17.00 requires you to be in full compliance on or before January 1, 2009 January 1, 2010 March 1, 2010. If your company receives, stores, maintains, processes or otherwise has access to “personal information” acquired in connection with employment or with [...]
Another Reason to Secure Your Wireless Network
If you care about network security, you are probably well aware of the Massachusetts Data Privacy Law and its requirement to secure wireless networks. But password-protecting a wireless router also has constitutional significance. A child pornography suspect had no constitutionally protected privacy right in the files found on his personal computer, accessible by a neighbor [...]
Social Media
My social media policies database is available to you.
Affilate
This website uses the Canvas Wordpress theme from WooThemes. (affiliate link)
