By Karin M. McGinnis On behalf of your NCBA Privacy & Data Security Section, we would like to invite you to attend the Section’s 2019 Annual Meeting, to be held at the NC Bar Center in Cary on Thursday, October 24. Whether you’re an experienced privacy and data security practitioner, an attorney hoping to learn […]
By Alex Pearce Dear Members of the Privacy and Data Security Section: It is my privilege to serve as the chair of the Privacy and Data Security Section during the 2019-2020 bar year. Following our inaugural Section Council meeting on July 31, I wanted to take this opportunity to welcome everyone to the Section and […]
By Alex Pearce and Sean Fernandes Last month, the attorneys general (“AGs”) of sixteen states, including North Carolina, settled a multistate HIPAA enforcement lawsuit against Medical Informatics Engineering (MIE), a cloud-based electronic health records vendor. The lawsuit was the first time that state AGs have joined together to pursue a HIPAA-related data breach case in […]
By Orla M. O’Hannaidh and Taylor Ey We cannot believe that the European Union’s General Data Protection Regulation (GDPR) just turned one. And we know we are not alone — many of you have advised your clients on the GDPR, sat through a CLE on the GDPR or, at a minimum, googled “the GDPR” in the […]
By Eva Lorenz and Suzanne Begnoche During 2018, the North Carolina Department of Justice received notices from businesses of a total of 1,057 data breaches, affecting 1.9 million North Carolinians.[1] Businesses subject to N.C. Gen. Stat. § 75-65 must provide breach notices to all affected persons.[2] Although not legally obligated to do so under North […]
By Steven T. Snyder In late February 2019, a new amendment to the California Consumer Privacy Act (“CCPA,” “Act,” “title”) was proposed—SB-561. On its face this is a very significant amendment in that it changes the consumer’s private right of action from a very constrained set of circumstances to the violation of any “right under […]
By Saad Gul Corporate America, retooling privacy programs following California and Europe’s enactment of comprehensive privacy standards, is looking to Congress for a federal counterpart. The United States has traditionally had little appetite for comprehensive privacy regulation. Instead, it has followed a sectoral approach, protecting specific sectors such as health (such as Health Insurance Portability […]
By Peter McClelland As we begin the new year, data security and privacy law are definitively in vogue. Between Russia’s social media campaigns,[1] renewed tensions with China that include their industrial cyber theft operations,[2] breaches at major U.S. companies like Equifax,[3] Facebook,[4] Yahoo,[5] and Marriot,[6] and the unending barrage of privacy policy updates that the […]