Category: Privacy

Department of Education Posts CyberAdvisory on Extortion and Student Data Threats

Share

Acknowledging that schools have “long been targets for cyber thieves,” the Federal Student Aid Office (FSA) of the U.S. Department of Education (ED) posted an alert on October 16, warning school districts and other educational institutions of criminal extortion schemes threatening to release sensitive student data. Recent, similar cyberattacks in Montana and Iowa are being investigated by the FBI.

Continue reading “Department of Education Posts CyberAdvisory on Extortion and Student Data Threats”

OCR Reminder on How to Manage HIPAA Privacy Requirements during Emergency Relief Efforts

Share

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a reminder to its listserv subscribers following the Las Vegas Strip shooting on October 1, 2017, that HIPAA covered entities are permitted to share patient protected health information (PHI) under the HIPAA Privacy Rule  to carry out specific purposes and under certain circumstances.

For most disclosures, however, a covered entity must make reasonable efforts to limit the information disclosed to that which is minimally necessary to accomplish the purpose.  Per OCR’s reminder, covered entities may rely on representations from a public health authority or other public official that the requested information is the minimum necessary for the purpose.

The following is a summary of OCR’s reminder and the uses and disclosures available under 45 C.F.R. §164.510.

Continue reading “OCR Reminder on How to Manage HIPAA Privacy Requirements during Emergency Relief Efforts”

Tech Companies Issue White Paper Recommending a National IOT Strategy

Share

Over the course of the last year, a number of U.S. technology companies and associations, including Intel, Samsung and the Information Technology Industry Council (ITIC) initiated a process dubbed “the National IOT Strategy Dialogue” the purpose of which was to develop strategic recommendations for U.S. government policymakers on the Internet of Things.

The group recently issued a white paper capturing the recommendations they advocate that the U.S. government undertake or implement.  These players suggest that for the U.S. to win the global race to test, develop and deploy beneficial IOT technologies, that the U.S. government needs a strategic roadmap.

Continue reading “Tech Companies Issue White Paper Recommending a National IOT Strategy”

FTC and Department of Education to Co-Host Workshop and Webcast on Privacy Issues in Education Technology

Share

The Federal Trade Commission (FTC) and the U.S. Department of Education (ED) will co-host a live workshop on December 1, 2017 highlighting two intersecting regulatory regimes: the FTC’s rules implementing the Children’s Online Privacy Protection Act (COPPA), which applies to K-12 schools and to children under the age of 13, and the simultaneous application of the Family Education Rights and Privacy Act (FERPA), which also applies to schools and is administered by ED.

Continue reading “FTC and Department of Education to Co-Host Workshop and Webcast on Privacy Issues in Education Technology”

Legislative Spotlight: Self-Driving Cars Part 1

Share

The House of Representatives passed H.R. 3388, the “Safely Ensuring Lives Future Deployment and Research in Vehicle Evolution Act” or the “SELF DRIVE Act” last month. The bill would remove regulatory barriers to develop self-driving or autonomous cars by giving the National Highway Traffic Safety Administration (NHSTA) authority to establish federal safety, design, and performance standards for automated cars, excluding commercial vehicles, such as trucks and buses. States would still be responsible for the vehicle registration, driver’s licensing, insurance, and safety and emissions inspections. The bill would also allow states to impose stricter performance requirements than those set by NHTSA.

We have outlined the privacy and cybersecurity provisions of this bill, as well as the NHTSA’s voluntary security standards for self-driving cars.

Continue reading “Legislative Spotlight: Self-Driving Cars Part 1”

Connected Car Resolution adopted by the International Conference of Data Protection and Privacy Commissioners

Share

Connected car data protection generated significant discussion amongst people at the International Conference of Data Protection and Privacy Commissioners. The 39th annual conference brought together privacy and data protection authorities (DPAs) from around the world in Hong Kong in September.  Consistent with prior tradition, the “closed sessions” produced three separate nonbinding resolutions.

Continue reading “Connected Car Resolution adopted by the International Conference of Data Protection and Privacy Commissioners”

©2024 Faegre Drinker Biddle & Reath LLP. All Rights Reserved. Attorney Advertising.
Privacy Policy