On behalf of your NCBA Privacy & Data Security Section, we would like to invite you to attend the Section’s 2019 Annual Meeting, to be held at the NC Bar Center in Cary on Thursday, October 24.
Whether you’re an experienced privacy and data security practitioner, an attorney hoping to learn more about this exciting area of practice, or a general practitioner looking to be prepared when a client inevitably calls with a data privacy concern, this CLE provides valuable insight from seasoned experts on the current privacy landscape. It’s an opportunity you don’t want to miss!
Join your fellow Privacy & Data Security colleagues for a day of interesting and timely CLE presentations including:
· Update of US Data Privacy Law
· GDPR – A Year Later and Beyond
· Privacy & Technology and the Lawyer (ethics and tech credit!)
· Mock Data Breach
During lunch we have a Keynote Speaker, Representative Saine – “A Legislative Perspective on Cyber Security and Identity Theft in North Carolina.”
Dear Members of the Privacy and Data Security Section:
It is my privilege to serve as the chair of the Privacy and Data Security Section during the 2019-2020 bar year. Following our inaugural Section Council meeting on July 31, I wanted to take this opportunity to welcome everyone to the Section and provide updates on the Section’s work and upcoming events.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngSecurity2019-08-06 15:15:272019-08-07 11:15:33Welcome To the NCBA Privacy and Data Security Section's Inaugural Year
Last month, the attorneys general (“AGs”) of sixteen states, including North Carolina, settled a multistate HIPAA enforcement lawsuit against Medical Informatics Engineering (MIE), a cloud-based electronic health records vendor.
The lawsuit was the first time that state AGs have joined together to pursue a HIPAA-related data breach case in federal court.
This post explores the case, State of Indiana v. Medical Informatics Engineering, and its potential implications for future state data security enforcement efforts.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngSecurity2019-06-26 16:43:562019-08-06 15:16:37The Medical Informatics HIPAA Settlement: Implications for the Future of State Data Security Enforcement
We cannot believe that the European Union’s General Data Protection Regulation (GDPR) just turned one. And we know we are not alone — many of you have advised your clients on the GDPR, sat through a CLE on the GDPR or, at a minimum, googled “the GDPR” in the days and months leading up to its enforcement date of May 25, 2018. After all, according to the European Commission, in May 2018 the GDPR was googled more times than Beyoncé and Kim Kardashian. [1]
During 2018, the North Carolina Department of Justice received notices from businesses of a total of 1,057 data breaches, affecting 1.9 million North Carolinians.[1] Businesses subject to N.C. Gen. Stat. § 75-65 must provide breach notices to all affected persons.[2] Although not legally obligated to do so under North Carolina law, many affected businesses also offer victims a period of free credit monitoring. Credit monitoring does alert a subscriber to credit file changes. Anyone who wants to do more than sit and wait for identity theft to happen, however, must lock down access to their credit reports by initiating statutory security freezes.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngSecurity2019-04-25 12:03:282019-04-25 12:07:25Spring Has Arrived, But the National Credit Security Freeze Is Here To Stay
In late February 2019, a new amendment to the California Consumer Privacy Act (“CCPA,” “Act,” “title”) was proposed—SB-561. On its face this is a very significant amendment in that it changes the consumer’s private right of action from a very constrained set of circumstances to the violation of any “right under this title.” But a closer look at this proposed amendment reveals that the impact is far more profound in that it greatly expands the scope of the potential defendants by extending the private right of action to violations not just by “businesses” but also any other third parties.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngSecurity2019-03-27 13:56:562019-03-27 13:56:56Think the CCPA Does Not Apply To You Or Your Clients? Better Think Again.
Corporate America, retooling privacy programs following California and Europe’s enactment of comprehensive privacy standards, is looking to Congress for a federal counterpart. The United States has traditionally had little appetite for comprehensive privacy regulation. Instead, it has followed a sectoral approach, protecting specific sectors such as health (such as Health Insurance Portability Accountability Act or HIPAA), financial services (such as Gramm-Leach-Bliley Act or GLBA), or vulnerable populations such as minors (such as Children’s Online Privacy Protection Act or COPPA).
The new Privacy and Data Security Section is now open for member registration. Click here to join.
The latest push may be different however. Faced with the California Consumer Privacy Act (CCPA) — itself enacted to ward off even more stringent rules — and CCPA-like privacy bills pending in other states, a comprehensive federal statute may well be on the horizon.
So what issues should privacy counsel monitor as the privacy sausage is made? Here are five.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngSecurity2019-03-06 16:33:492019-03-07 11:24:47Five Issues To Watch For In Federal Privacy Legislation
As we begin the new year, data security and privacy law are definitively in vogue. Between Russia’s social media campaigns,[1] renewed tensions with China that include their industrial cyber theft operations,[2] breaches at major U.S. companies like Equifax,[3] Facebook,[4] Yahoo,[5] and Marriot,[6] and the unending barrage of privacy policy updates that the European Union’s General Data Protection Regulation (“GDPR”) has spurred,[7] cybersecurity and privacy issues can justifiably jump to the top of the list of issues lawyers need to address as soon as possible. And that urgency comes even before the technology skills gap is taken into account: at the time of this posting, only Florida and North Carolina require lawyers to have technology training as part of their continuing legal education.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00Securityhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngSecurity2019-02-08 12:02:112019-02-11 10:06:00Data Privacy Law: Not Just For the Big Guys
This just in: The Privacy and Data Security Committee is on its way to becoming a new North Carolina Bar Association Section. With growing interest in the Privacy and Data Security arena, the North Carolina Bar Association formed a Privacy and Data Security Committee in June 2017. NCBA members from various practice areas joined the Committee to discuss privacy and data security matters that impact the general public and the legal profession at large. On Jan. 17, 2019 the NCBA’s Board of Governors approved the Committee’s application to become a full-fledged NCBA Section. As you can see, the Privacy and Data Security Section is on the move.
Whether your practice area focuses on privacy and data security, or just want to stay informed the latest topics and trends, you will find great benefit in joining the new Section, which will officially commence at the start of the new NCBA’s 2019-2020 fiscal year in July. Below is a list of membership benefits:
Opportunities to meet and network with other privacy and data security practitioners;
Opportunities to join interest-based subcommittees focusing on important privacy and data security issues, including those that arise in the international, in-house, law firm, public service, and law enforcement contexts;
Opportunities to attend CLEs and informal knowledge-sharing and social events;
Committee and subcommittee leadership opportunities;
Opportunities to publish and present on privacy and data security issues; and
Access to a Section listserv, a forum for members to connect and exchange questions and comments on developments in the field.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00NCBARBLOGhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngNCBARBLOG2019-01-22 14:26:092019-01-22 14:53:31NCBA Privacy and Data Security Committee To Become a Section
One of the hottest areas in the law is privacy and data security. Both the NCBA and our colleagues at the North Carolina State Bar have noticed.
In this inaugural blog post of the NCBA’s Privacy and Data Security Committee, we discuss two developments of which all North Carolina lawyers interested in this important field should take note: (1) the State Bar’s new Privacy and Information Security Law specialty certification, and (2) plans for our Committee to become a full-fledged NCBA Section.
https://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.png00NCBARBLOGhttps://ncbarblogprod.wpengine.com/wp-content/uploads/2018/06/Blog-Header-1-1030x530.pngNCBARBLOG2018-06-20 11:09:332019-01-23 10:55:12Privacy and Data Security Law: Kind of a Big Deal
By 
By 
By 
By 
By 
By 