Blogs: eDiscovery and Cybersecurity Law

  • New Legislation Addresses Mobile App Privacy in California

    by Stephen Wu on February 27, 2014

    The healthcare field is beginning to hop onto the bandwagon of mobile computing. Mobile computing is spreading to healthcare in a number of ways. The first use case is in diagnostics, in which a doctor or nurse could use a device to monitor health metrics, such as vital signs (whether at hospital stays or simply during a routine check-up), glucose levels for diabetics, sleep data, caloric or…

  • New California Do Not Track Legislation

    by Stephen Wu on February 3, 2014

    Under California’s Online Privacy Protection Act (OPPA) of 2003,[1] California law requires commercial websites or online services that obtain personally identifiable information about California consumers to conspicuously post their privacy policies. “Personally identifiable information” includes a first and last name, address, email address, telephone number, social security number, or any…

  • New Target Data Breach Lawsuits

    by Stephen Wu on December 31, 2013

    The recent massive data breach into Target’s payment systems compromising millions of payment card numbers is now on the list of the most infamous breaches. In addition, stories are now appearing in news media about lawsuits being filed in the wake of the data breach by victims whose payment card information was believed stolen. I am writing this post to explain what a typical data breach lawsuit…

  • California’s New “Eraser” Privacy Law Aimed at Protecting Minors

    by Stephen Wu on September 29, 2013

    On September 23, 2013, Governor Jerry Brown signed a new piece of legislation aimed at the online protection of minors. Designated Senate Bill 568, the new law received publicity for giving minors an “Internet eraser,” requiring online services to provide a mechanism by which minors can remove their own social media and other online content. This mechanism is intended to give minors the ability…

  • Why Have a Privacy Policy

    by Stephen Wu on August 28, 2013

    Privacy has been a hot legal issue for years, and the temperature is moving even higher. Governmental enforcement actions and class action suits have become ever more common. One common trigger is a data privacy or security breach. Surprisingly, in 2013, another common trigger is the lack of a privacy policy. Yes, there are some companies that create online services or Internet applications…

  • Update on BYOD and Mobile Device Management Book

    by Stephen Wu on June 22, 2013

    Last month, I wrote about the Mobile Transformation, the consumerization of information technology, and managing mobile devices in the enterprise. I gave a sneak preview of my upcoming book on managing mobile devices in the enterprise. I just finished reviewing the page proofs for the book. Accordingly, the book is on track for the publisher, the American Bar Association Section of Science …

  • Legal Issues in Managing Mobile Devices in the Enterprise

    by Stephen Wu on May 17, 2013

    This month, I completed a book on the legal issues involved with managing mobile devices in the enterprise. The publisher will be the American Bar Association Section of Science & Technology Law. I served as Chair of the Section from 2010 to 2011. I expect the Section to publish the book in time for the American Bar Association Annual Meeting in August in San Francisco. But the purpose of this…

  • California's New Defense for Medical Data Breach Cases

    by Stephen Wu on February 24, 2013

    Last year, I discussed the phenomenon of a big dollar class action suit seeking almost a billion dollars in statutory damages arising out of a healthcare data breach.#_ftn1 A break-in at Sutter Health occurred at its administrative offices in October 2011, in which burglars stole a desktop computer containing unencrypted electronic medical records on a large number of patients. On the date Sutter…

  • California Legislation Adds New Employer Records Management Requirements

    by Stephen Wu on January 13, 2013

    California companies must keep track of records and information management (RIM) requirements for the generation, retention, and disclosure of various records. It is difficult to keep track of all of them. Consequently, it makes sense to devote resources, whether internal or an external consulting firm, to match requirements to the types of records that they use. Last year, a trio of new pieces…

  • BYOD and Employee Privacy--Factors to Consider

    by Stephen Wu on December 12, 2012

    Let’s say that your company has a “Bring Your Own Device” (BYOD) policy permitting employees to use personal mobile devices for work. Do your employees have a reasonable expectation that their mobile device information is private, even if some of that information is work-related? Can an employer compel access to that information? A recent case sheds some light on the factors a court will use to…

This document was retrieved from http://www.rsaconference.com/blogs on Wed, 01 Oct 2014 14:16:24 -0400.
© 2014 EMC Corporation. All rights reserved.