RadarFirst Blog

Landmark OCR Enforcement Action for Lack of a Timely Breach Notification

What Does it Mean for Privacy and Security Professionals? Last week, the Office for Civil Rights (OCR) announced the first ever enforcement settlement for lack of a timely breach notification – a fine of $475,000 for Presence Health, a large healthcare network serving Illinois. In the course of investigating the breach, OCR determined that Presence […]

Read more

Changes in Breach Notification Law: Illinois Personal Information Protection Act

Effective January 1, 2017, Illinois House Bill 1260 significantly broadened the scope of the state’s Personal Information Protection Act. Included in the bill are key provisions that follow trends we identified in 2015 and 2016 as states continue to enact increasingly stringent and complex data breach notification legislation including amendments that significantly expand the scope […]

Read more

Preparing for the GDPR: Start Now, Plan to Invest

In May of 2018, Europe’s General Data Protection Regulation (“GDPR”) will take effect throughout the European Union. While this advance date may seem far off now, the work ahead of companies dealing in international data exchange is substantial, and the clock is already ticking.

Read more

IoT, Infosec Trends, and International Privacy Law

Notes from the Privacy + Security Forum in DC This year I was able to attend the Privacy and Security Forum for the first time. Organized by Daniel Solove and his TeachPrivacy organization, this informative event showcased the deep knowledge of the privacy, security, legal, and compliance speakers and attendees. Everyone at the forum exhibited […]

Read more