Security breach notification laws

OAIC publishes second COVIDSafe privacy report

Retrieved on: 
Thursday, June 17, 2021
Articles, Government, Privacy law, Freedom of information, Office of the Australian Information Commissioner, COVIDSafe, Information commissioner, Privacy, Medical privacy, Security breach notification laws

The Office of the Australian Information Commissioner (OAIC) has released its second six-month report on the privacy protections that apply to the COVIDSafe system.

Key Points: 
  • The Office of the Australian Information Commissioner (OAIC) has released its second six-month report on the privacy protections that apply to the COVIDSafe system.
  • Australian Information Commissioner and Privacy Commissioner Angelene Falk said the report sets out the OAICs regulatory oversight of the privacy aspects of the system.
  • We continue to engage closely with Australian Government agencies and state and territory health authorities to assess implementation of the COVIDSafe privacy protections, Commissioner Falk said.
  • The OAIC did not receive any complaints or data breach notifications in relation to COVIDSafe.

Wolf Haldenstein Adler Freeman & Herz LLP: USA Waste-Management Resources, LLC Data Breach Investigation Alert

Retrieved on: 
Thursday, June 10, 2021
Security, Security breaches, Articles, Haldenstein, Security breach notification laws, Data breach

NEW YORK and SAN DIEGO, June 10, 2021 (GLOBE NEWSWIRE) -- Wolf Haldenstein Adler Freeman & Herz LLP, a preeminent national consumer rights law firm, announces that it is investigating claims on behalf of current and former employees of USA Waste-Management Resources, LLC (WM).

Key Points: 
  • NEW YORK and SAN DIEGO, June 10, 2021 (GLOBE NEWSWIRE) -- Wolf Haldenstein Adler Freeman & Herz LLP, a preeminent national consumer rights law firm, announces that it is investigating claims on behalf of current and former employees of USA Waste-Management Resources, LLC (WM).
  • On May 28, 2021, WM reported to the California Attorney Generals office that an unauthorized party accessed personal information stored on WMs network.
  • According to the data breach notification, on January 21, 2021, WM discovered suspicious activity on its network and began to investigate the incident.
  • Wolf Haldenstein Adler Freeman & Herz LLP has extensive experience in the prosecution of consumer rights litigation in state and federal trial and appellate courts across the country.

McDonald Hopkins welcomes Eric R. Benson to Litigation Department and Data Privacy and Cybersecurity Team

Retrieved on: 
Thursday, April 22, 2021
Data security, Data protection, Privacy law, Articles, Information privacy, Privacy, Cyberwarfare, Security breach notification laws, General Data Protection Regulation, Computer security, Health Insurance Portability and Accountability Act, Gramm–Leach–Bliley Act

b"DETROIT, April 22, 2021 /PRNewswire/ --Eric R. Benson has joined McDonald Hopkins LLC as an associate in the Litigation Department, adding his experience to the firm's national Data Privacy and Cybersecurity Practice Group.\nBenson's practice focuses on advising companies in a wide variety of industries on addressing data privacy and cybersecurity incidents.

Key Points: 
  • b"DETROIT, April 22, 2021 /PRNewswire/ --Eric R. Benson has joined McDonald Hopkins LLC as an associate in the Litigation Department, adding his experience to the firm's national Data Privacy and Cybersecurity Practice Group.\nBenson's practice focuses on advising companies in a wide variety of industries on addressing data privacy and cybersecurity incidents.
  • This includes advising on breach response obligations, including compliance and notification to individuals and government regulators as required under state and federal breach notification laws, including HIPAA, GLBA and GDPR.
  • Benson also represents clients in state and federal investigations that arise from data privacy incidents and provides guidance on crisis communications and management issues.
  • For more information about McDonald Hopkins, visit mcdonaldhopkins.com .\n"

Privacy Commissioner Conducts Compliance Check as Regards the Unauthorised Access to the Email System of Nikkei

Retrieved on: 
Thursday, March 18, 2021
Security breaches, Articles, Security, Privacy law, Office of the Privacy Commissioner for Personal Data, Security breach notification laws, Privacy, Internet privacy, Data breach

The Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) noted the media reports on the unauthorised access to the email system of Nikkei China (Hong Kong) Limited in October 2020, which might involve the leakage of the personal data of over 1,600 customers.

Key Points: 
  • The Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) noted the media reports on the unauthorised access to the email system of Nikkei China (Hong Kong) Limited in October 2020, which might involve the leakage of the personal data of over 1,600 customers.
  • In response to media enquiries, the PCPD confirmed that it received a data breach notification from the company concerned on 17 March.
  • The Privacy Commissioner for Personal Data, Hong Kong (Privacy Commissioner), Ms Ada CHUNG Lai-ling, pointed out that organisations must take effective security measures to protect the personal data of their customers.
  • The Privacy Commissioner appeals to organisations to notify the PCPD and the affected customers as soon as possible of any data breach incident to minimise the potential damage which might be caused to its customers.

Resumption of Public Services from 18 February 2021

Retrieved on: 
Tuesday, February 16, 2021
Telecommunications, Office of the Privacy Commissioner for Personal Data, Articles, Security breach notification laws, Hotline, Privacy, Security

Having regard to the latest developments of the epidemic situation and the announcement made by the Government on 10 February 2021, the Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) has made the following updated work arrangements, while implementing targeted measures to reduce social contact and ensure infection control: -

Key Points: 
  • Having regard to the latest developments of the epidemic situation and the announcement made by the Government on 10 February 2021, the Office of the Privacy Commissioner for Personal Data, Hong Kong (PCPD) has made the following updated work arrangements, while implementing targeted measures to reduce social contact and ensure infection control: -
    Counter services and meetings with members of the public on appointment basis will resume from 18 February 2021;
    Public talks, professional workshops and seminars will continue to be held online;
    All other services, including media enquiries (90997517; [email protected] ), general enquiries, data breach notifications and complaints will continue to be received through hotline (28272827), fax (28777026) or email ( [email protected] ; [email protected] and [email protected] ), and enquiry/complaint hotline about doxxing (34236666).
  • Online services ( www.pcpd.org.hk ) will also continue to be provided; and
    The PCPD appeals to members of the public to make enquiries and complaints by post, telephone or emails as far as practicable.

Norwegian DPA issues reprimand to Telenor for inadequate protection of personal data

Retrieved on: 
Friday, February 12, 2021
Telecommunications, Data security, Information privacy, Information, Data protection, Telenor Pakistan, Data protection (privacy) laws in Russia, Security breach notification laws, Telenor, National data protection authority, Computer security

The Norwegian Data Protection Authority have issued a reprimand to Telenor Norge AS for inadequate protection of personal data in its voicemail function, and for failing to submit a data breach notification to the Norwegian Data Protection Authority.

Key Points: 
  • The Norwegian Data Protection Authority have issued a reprimand to Telenor Norge AS for inadequate protection of personal data in its voicemail function, and for failing to submit a data breach notification to the Norwegian Data Protection Authority.
  • The Data Protection Authority finds that Telenor Norge AS had not implemented satisfactory security measures.
  • This decision also takes account of the fact that Telenor failed to submit a data breach notification to the Data Protection Authority.
  • To prevent Telenor Norge AS from being penalized twice for the same offence, the Norwegian Data Protection Authority opted to issue a formal reprimand instead.

Norwegian DPA issues fine to Coop Finnmark

Retrieved on: 
Thursday, February 11, 2021
Information privacy, Finnmark, National data protection authority, Security breach notification laws, Articles, Information, Security

The Norwegian Data Protection Authority has issued a fine in the amount of EUR 40 000 (NOK 400,000) to Coop Finnmark SA.

Key Points: 
  • The Norwegian Data Protection Authority has issued a fine in the amount of EUR 40 000 (NOK 400,000) to Coop Finnmark SA.
  • After reviewing the case, the Data Protection Authority finds that Coop Finnmark lacked a legal basis for the shop managers distribution of the surveillance footage.
  • This case was reported as a personal data breach notification from Coop Finnmark AS on April 10th 2019, and the Data Protection Authority issued a notice of fine in March 2020.
  • Coop Finnmark has submitted comments to the notice, which the Data Protection Authority now has considered.

IDX Announces Cybersecurity Healthcheck for Organizations in Conjunction with No-Cost Data Breach Services Agreement

Retrieved on: 
Thursday, February 11, 2021
Data security, Security, Articles, Cryptography, Information governance, Security breaches, Security breach notification laws, Computer security, Information security, Data breach

IDX will provide this service as part of its no-cost Master Services Agreement (MSA), which provides organizations with best-in-class breach notification services if they experience a data breach incident.

Key Points: 
  • IDX will provide this service as part of its no-cost Master Services Agreement (MSA), which provides organizations with best-in-class breach notification services if they experience a data breach incident.
  • Every information security officer or C-suite executive needs a resource like this at their disposal," said Ian Kelly, vice president of data breach services of IDX.
  • Cybersecurity Healthcheck is provided to qualified organizations by IDX through a partnership with 4A Security and Compliance, a leading cyber risk services firm.
  • For information about Cybersecurity Healthcheck, to request your complimentary assessment, or for more information on a no-cost MSA for data breach services, visit IDX here .

Small and Midsized Business Cyber Security Trends

Retrieved on: 
Thursday, January 28, 2021
Computer security, Cybercrime, Cyberwarfare, Crime, Articles, Computer network security, Information sensitivity, Cyberattack, Security breach notification laws, Cyber insurance

The statistics are sobering and show that the losses from just one cyberattack have the potential to put a company out of business.

Key Points: 
  • The statistics are sobering and show that the losses from just one cyberattack have the potential to put a company out of business.
  • Cyber security is highly technical and specialized.
  • Qualified technicians are in short supply, and SMBs may not have the resources to hire in-house IT security.
  • Adequate cyber security can help protect your business investment from the devastation of cybercrime, including financial losses, lost contracts, legal and breach notification costs.

Identity Theft Resource Center®'s 2020 Annual Data Breach Report Reveals 19 Percent Decrease in Breaches

Retrieved on: 
Thursday, January 28, 2021
Security breaches, Security, Identity Theft Resource Center, Identity theft, Data breach, Articles, Security breach notification laws

SAN DIEGO, Jan. 28, 2021 /PRNewswire-PRWeb/ --Today, the Identity Theft Resource Center (ITRC), a nationally recognized non-profit organization established to support victims of identity crime, released its 15th annual Data Breach Report.

Key Points: 
  • SAN DIEGO, Jan. 28, 2021 /PRNewswire-PRWeb/ --Today, the Identity Theft Resource Center (ITRC), a nationally recognized non-profit organization established to support victims of identity crime, released its 15th annual Data Breach Report.
  • According to the report, the number of U.S. data breaches tracked in 2020 (1,108) decreased 19 percent from the total number of breaches reported in 2019 (1,473).
  • The 2020 Data Breach Report shows the continuation of a trend from 2019: cybercriminals are less interested in stealing large amounts of consumers' personal information.
  • The ITRC also equips consumers and businesses with information about recent data breaches through its data breach tracking tool, notified .