The FTC announced a settlement with RealPage, Inc., a tenant background screening company, settling allegations that it violated the Fair Credit Reporting Act (FCRA) by failing to take reasonable steps to ensure the accuracy of the tenant screening information it provided to landlords and property managers.
Year: 2018
The Sedona Conference Publishes Commentary on Information Governance, Second Edition
The Sedona Conference® has released a Public Comment Version of its Commentary on Information Governance, Second Edition. The latest edition of this Commentary sets out 11 principles of information governance that provide a strategic framework for senior management to make decisions with respect to all information within an enterprise and accounts for changes and advances in technology and law that have occurred over the past four years. It also incorporates guidance on information governance contained in The Sedona Principles, Third Edition, which we discussed in a previous blog post. As defined in this Commentary, information governance “means an organization’s coordinated, interdisciplinary approach to satisfying information compliance requirements and managing information risks while optimizing information value.” The Commentary recognizes that information governance encompasses a variety of disciplines, including traditional records and information management, data privacy, information security, and e-discovery.
Another Court Rules Virtual Currencies are Commodities Subject to CFTC Oversight
The U.S. District Court for the District of Massachusetts is the latest court to rule that virtual currencies are commodities, and subject to Commodity Futures Trading Commission (CFTC) jurisdiction.
Continue reading “Another Court Rules Virtual Currencies are Commodities Subject to CFTC Oversight”
First Notice Filed Under GDPR against Canadian Analytics Firm
The UK Information Commissioner’s Office (ICO) has issued an Enforcement Notice against a Canadian data analytics firm, AggregateIQ (AIQ) that allegedly produced targeted advertisements for pro-Brexit campaigns. This action is the first enforcement Notice issued under the GDPR.
Continue reading “First Notice Filed Under GDPR against Canadian Analytics Firm”
Employee’s Illegal Access to Patient Records Results in Data Breach of 15,000 Patients: Hospital System to Pay for Violations
UMass Memorial Medical Center, Inc., and UMass Memorial Medical Group, Inc. (collectively, UMass) has agreed to pay $230,000 to settle claims alleging that that they violated the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA), and various other state patient privacy laws.
NTIA Seeks Comment on Federal Consumer Data Privacy Approach
The Department of Commerce’s National Telecommunications and Information Administration (NTIA) issued a Notice seeking comments on a proposed federal consumer data privacy approach. In a parallel effort, the Commerce Department’s National Institute of Standards and Technology is developing a voluntary privacy framework to help organizations manage risk.
Continue reading “NTIA Seeks Comment on Federal Consumer Data Privacy Approach”