The FTC Red Flags Rule faces another likely challenge, based on a January 27, 2010 letter sent to the FTC by the American Medical Association, the American Osteopathic Association, the American Dental Association, and the American Veterinary Medical Association. In that letter, the four health care organizations requested that the Red Flags Rule not be applied to health care professionals (based [...]
Monthly Archives: January 2010
Incident of the Week: OIG Reports that the FBI Routinely Circumvented Electronic Communications Privacy Act
A report entitled A Review of the Federal Bureau of Investigation’s Use of Exigent Letters and Other Informal Requests for Telephone Records (.pdf) from the Department of Justice Office of the Inspector General (OIG) indicates that between 2003 and 2005, FBI routinely “circumvented the requirements of the Electronic Communications Privacy Act (ECPA)” by using so-called [...]
Incident(s) of the Week: Recent Updates from Prior Incidents
1. The FTC Fines Las Vegas Man $35,000 for Dumping Customer Financial Records In Public Dumpster This week, the FTC finalized a $35,000 settlement with Gregory Navone, the real estate broker who left 40 boxes of customer tax returns, bank statements, consumer reports and other financial records in a public dumpster behind an office building in [...]
Is Your Password Still “123456″? If So, It’s Time for a Change
If you or your co-workers use any of the passwords listed below, you are asking to be hacked. According to a report from the consulting firm Imperva, this list reflects an analysis of some 32 million passwords that an unknown hacker stole in December 2009 from RockYou, a company that makes software for users of social networking [...]
Connecticut AG Opens New Era in HIPAA Enforcement with Health Net Suit
In the first instance of a state attorney general exercising the new powers granted by the Health Information Technology for Economic and Clinical Health Act ("HITECH Act"), Connecticut Attorney General Richard Blumenthal (and recently announced candidate for the U.S. Senate) filed suit today against Health Net of Connecticut, Inc. for failing to secure private patient medical [...]
Accountants Ask Court To Exempt Them From Red Flags Rules
Last week the American Institute of Certified Public Accountants (AICPA) filed papers seeking summary judgment in the lawsuit filed against the Federal Trade Commission (FTC) to exempt accountants from the FTC’s Red Flags Rules. We first posted on this case in November, when the AICPA filed a complaint asking the federal court in Washington, D.C. [...]
Is the FTC “Moving to a Post-Disclosure Era” for Online Consumer Privacy?
Is the FTC moving to a "Post-Disclosure Era," in which consumer online privacy would be regulated in a radically different manner than the status quo? That was a suggestion made by the chairman of the FTC, Jon Leibowitz, and David Vladeck, chief of the FTC’s Bureau of Consumer Protection, during a recent on-the-record discussion about online privacy, reported in the New [...]
Incident of the Week: Twitter Used In Sting Operation To Find Out Who Leaked TSA Security Directive
Rumors are circulating that Special Agents from the Transportation Security Administration (TSA) have been posing as a Connecticut blogger on Twitter to find out who leaked airport security screening procedures put in place after the recent attack by the “underwear bomber.” This is a new twist in what some are describing as an overzealous [...]