Identity Theft

FTC starts sending out checks to LifeLock victims

LifeLock — The Federal Trade Commission began sending checks to almost a million consumers who were subscribers to the LifeLock ID theft protection service. LifeLock agreed to pay fines of $11 million to the FTC and $1 million to a group of state attorneys generals to settle charges that had been made against the company. Consumers with questions about this distribution may call 888-288-0783 or see the FTC’s web page on this, http://www.ftc.gov/refunds.

Medical data breach rule needs more work; World Privacy Forum files comments with HHS requesting changes

Data Breach | HHS HITECH Breach Notification — The World Privacy Forum filed comments on the HHS data breach rulemaking and asked for substantive changes in several areas. In particular, WPF asked HHS to expressly state a requirement for a breach risk assessment in the final rule itself, and to set a requirement that the risk assessment must be conducted by an independent organization. The WPF also asked that HHS set breach risk assessment standards so that there is some uniformity and guidance as to what constitutes an appropriately rigorous risk assessment when a breach occurs. In the comments, WPF also discussed the relationship between medical identity theft and medical data breach and how this impacts patients and consumers.