FOR IMMEDIATE RELEASE September 10, 2014 San Diego — The World Privacy Forum is urging parents and college students to exercise their right to “opt out” of schools sharing their personal directory information with third parties. “The beginning of the school year is a key time when the school information opt-out period opens up,” explained
Q: Why is my kid’s email and home address being sold on a marketing list? I didn’t give permission for this information to be released! How did this happen? This kind of sharing could happen unless you proactively opt out of allowing schools to share the information they keep on your kids such as their
California Governor Jerry Brown signed a new law today that requires smartphone phone manufacturers to put a “kill switch” (remote lock) in phones, and to turn it on by default. Lawmakers have stated that they see this as an important way to reduce smart phone crimes. For consumers, it’s a way to prevent our personal information from getting into the wrong hands when we misplace, lose, or otherwise are missing our smartphones. Apple users can already use Find My iPhone as a remote lock. See more …
New California privacy enforcement office — California Attorney General Kamala Harris has created a new privacy protection and enforcement unit. The unit will be housed in the Department of Justice and will focus on protecting consumer and individual privacy through civil prosecution of state and federal privacy laws, a news release said. “The Privacy Unit’s mission to enforce and protect privacy is broad. It will enforce laws regulating the collection, retention, disclosure, and destruction of private or sensitive information by individuals, organizations, and the government. This includes laws relating to cyber privacy, health privacy, financial privacy, identity theft, government records and data breaches. By combining the various privacy functions of the Department of Justice into a single enforcement and education unit with privacy expertise, California will be better equipped to enforce state privacy laws and protect citizens’ privacy rights. ” Joanne McNabb, who ran the now de-funded California Office of Privacy Protection, will serve as director of privacy education and policy for the unit.
In a rare enforcement action of HIPAA, HHS fined an Arizona health care provider $100,000 for a variety of HIPAA violations, especially regarding electronic exchanges of protected health information. The HHS document outlining the reasons for the fine should act as a wake-up call to health care providers using public email, calendaring, and other tools for communication of ePHI. HHS specifically noted that the fined health care provider did not conduct an adequate risk assessment prior to using the email and Internet tools. The full HHS document is a must-read for health care providers. WPF has been warning about the need for full e-risk assessments since 2005 and strongly advocates for medical-identity-theft-specific risk assessments.