Tag Archives: Attorney General

Massachusetts AG Creates “Data Privacy and Security Division”; What Enforcement Changes Will Follow?

Massachusetts Attorney General Maura Healey recently announced the creation of the Data Privacy and Security Division within her office, with the stated goal of “protect[ing] consumers from the surge of threats to the privacy and security of their data in an ever-changing digital economy.”

The leadership of the Office of the Attorney General’s (OAG’s) privacy and security efforts will not change:  Sara Cable,… More

The Massachusetts Attorney General’s Complaint Against Equifax

As most are aware, the Massachusetts Attorney General has won the race to the courthouse and been the first regulator to file suit against Equifax.

  • The 28 page complaint is summed up on paragraph 4:Consumers do not choose to give their private information to Equifax, and they do not have any reasonable manner of preventing Equifax from collecting, processing, using, or disclosing it. Equifax largely controls how,…
  • More

The Future of Data Privacy Regulation in Massachusetts? AG’s Office Foreshadows State Action on Consumer Data in First-of-its Kind Conference

What is the future of data privacy regulation in Massachusetts?

On March 24, 2016, the Massachusetts Attorney General’s Office gave us a glimpse. In collaboration with Harvard’s Berkman Center for Internet and Society, and MIT’s Internet Policy Research Initiative and Computer Science and Artificial Intelligence Laboratory, the AG’s Office convened a “Forum on Data Privacy.”  In this first-of-its-kind conference,… More

Massachusetts Attorney General Secures $140,000 Settlement of Claims that Patient Information Was Left in a Town Dump

The Massachusetts Attorney General announced today that the former owners of a medical billing practice and four pathology groups have agreed to collectively pay $140,000 to settle allegations that medical records and patient billing information for “tens of thousands of Massachusetts patients were improperly disposed of at a public dump.”  Under the settlements, the defendants have agreed to pay a total of $140,000 for civil penalties, attorney fees,… More

Data Breaches Continue To Be A Problem For Health Care Providers: South Shore Hospital (Massachusetts) Pays $750,000 To Settle Data Breach Charges

An aptly-timed article from Mass High Tech Business News noted earlier today that: “Data Breaches [Are] a Growing Problem in Health Care.”  This article focused on a recent breach at Boston Children’s Hospital involving the records of 2,000 patients.

The article was prescient, as this afternoon, the Massachusetts Attorney General announced a $750,000 settlement with suburban Boston’s South Shore Hospital, relating to a 2010 data breach.… More

State Attorneys General Write to Google

In a letter sent earlier today, 37 state attorneys generals (or their equivalents) wrote to Larry Page, Google’s CEO, "to express our strong concerns with the new privacy policy that Google announced it will be adopting for all of its consumer products."

According to the letter:

Google’s new privacy policy is troubling for a number of reasons. On a fundamental level, the policy appears to invade consumer privacy by automatically sharing personal information consumers input into one Google product with all Google products.… More

Connecticut AG Opens New Era in HIPAA Enforcement with Health Net Suit

In the first instance of a state attorney general exercising the new powers granted by the Health Information Technology for Economic and Clinical Health Act ("HITECH Act"), Connecticut Attorney General Richard Blumenthal (and recently announced candidate for the U.S. Senate) filed suit today against Health Net of Connecticut, Inc. for failing to secure private patient medical records and financial information involving 446,000 enrollees in Connecticut and for failing to promptly notify consumers of the security breach.… More