On February 12, the White House released the widely anticipated Framework for Improving Critical Infrastructure Cybersecurity (“the Framework”). Developed pursuant to Executive Order 13636 (issued in February 2013), the Framework strongly encourages companies across the financial, communications, chemical, transportation, healthcare, energy, water, defense, food, agriculture, and other critical infrastructure sectors to implement and comply with its voluntary standards. The provisions set forth in the Framework may establish a new baseline for industry standard practices, and may impact or guide FTC enforcement actions and plaintiff data breach lawsuits.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Sidley Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSidley Data Matters Contributors2014-02-13 17:51:382014-02-13 17:51:38White House Releases NIST Cybersecurity Framework
On February 3, 2014, the U.S. Department of Health and Human Services (HHS) released a long-awaited final rule that amends the Clinical Laboratory Improvement Amendments of 1988 (CLIA) regulations and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy regulations to permit patients and their personal representatives to access laboratory test reports. By requiring expanded access, HHS rejects what some have characterized as “paternalistic” arguments that such reports are complicated and should be provided only through treating physicians. HHS justifies the rule as necessary to empower patients to take an active role in managing their health and healthcare. As anyone who has tried to interpret a laboratory test report can attest, whether the stated objectives of the new rule will be achieved has yet to be seen.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Sidley Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSidley Data Matters Contributors2014-02-05 18:11:132014-02-05 18:11:13Changes to CLIA and HIPAA Provide Greater Patient Access to Laboratory Test Reports
A draft report by the European Parliament’s Civil Liberties Committee (the LIBE Committee) indicates that it is attempting to fundamentally alter the existing compliance mechanisms for transferring personal data from Europe. The recently leaked draft is dated December 23, 2013 and expresses the LIBE Committee’s response to the U.S. NSA surveillance programs, surveillance in various EU Member States and the impact on EU citizen’s fundamental rights and on transatlantic cooperation (the Report).
“Data is the new oil” – This statement by Neelie Kroes in 2011 has since been on everyone’s mind and with the constant development of new technologies, the importance of data has grown dramatically over the past few years and in recognition of this it seems that we have now entered into a new era: the era of Big Data. William Long and Geraldine Scali, Partner and Associate respectively at Sidley Austin LLP explore the potential data protection issues that may arise.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Sidley Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSidley Data Matters Contributors2014-01-01 19:33:242014-01-01 19:33:24Data protection challenges in the new era of Big Data
The new year will ring in significant privacy, data protection and cybersecurity changes in the U.S., Europe, Asia and elsewhere around the world. Below are some key developments and possible concrete action items for General Counsels, Chief Privacy Officers and Chief Information Officers:
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Sidley Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSidley Data Matters Contributors2013-12-30 17:34:142013-12-30 17:34:14Heads Up for Privacy, Data Protection and Cybersecurity in 2014
The European Commission has released a comprehensive package of communications, reports and papers that set out actions which the Commission believes can restore trust in transatlantic data flows between the European Union and the United States following recent concerns over access to data by intelligence agencies.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Sidley Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSidley Data Matters Contributors2013-12-03 18:12:332022-10-18 18:30:37European Commission makes recommendations to strengthen Safe Harbor
The European Parliament’s Civil Liberties Committee (the “LIBE Committee”) has after several delays finally voted on the European Commission’s proposed EU Data Protection Regulation and adopted all amendments. The LIBE Committee also approved a mandate to start negotiations with the Council of Ministers (which represents EU Member States) and the Commission – the so called trilogue process. The Regulation was published by the European Commission in January 2012 and has been described as the most lobbied piece of European legislation in history receiving over 4,000 amendments in opinions from other Committees in the European Parliament as well as from numerous industries.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Sidley Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSidley Data Matters Contributors2013-10-22 18:15:232022-10-18 18:30:42European Parliament votes on new EU Data Protection Regulation
In November 2012, the UK Information Commissioner’s Office (ICO) published a Code of Practice on managing data protection risks related to anonymization. This Code provides a framework for organisations considering using anonymization and explains what it expects from organisations using such processors.
One of the benefits of anonymization is that the onerous data protection obligations under EU data protection laws, including the UK’s Data Protection Act 1998, will not apply to data rendered anonymous such that individuals are no longer identifiable.
https://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.png00Sidley Data Matters Contributorshttps://datamatters.sidley.com/wp-content/uploads/sites/2/2022/09/sidleyLogo-e1643922598198.pngSidley Data Matters Contributors2013-02-14 18:24:422022-10-18 18:30:49The UK Data Protection Authority issues a Code of practice on anonymization
White House Releases NIST Cybersecurity Framework
On February 12, the White House released the widely anticipated Framework for Improving Critical Infrastructure Cybersecurity (“the Framework”). Developed pursuant to Executive Order 13636 (issued in February 2013), the Framework strongly encourages companies across the financial, communications, chemical, transportation, healthcare, energy, water, defense, food, agriculture, and other critical infrastructure sectors to implement and comply with its voluntary standards. The provisions set forth in the Framework may establish a new baseline for industry standard practices, and may impact or guide FTC enforcement actions and plaintiff data breach lawsuits.
(more…)
Sidley Data Matters Contributors
Sidley Austin Privacy Group
1n-licensing@onenorth.com
Changes to CLIA and HIPAA Provide Greater Patient Access to Laboratory Test Reports
On February 3, 2014, the U.S. Department of Health and Human Services (HHS) released a long-awaited final rule that amends the Clinical Laboratory Improvement Amendments of 1988 (CLIA) regulations and the Health Insurance Portability and Accountability Act of 1996 (HIPAA) privacy regulations to permit patients and their personal representatives to access laboratory test reports. By requiring expanded access, HHS rejects what some have characterized as “paternalistic” arguments that such reports are complicated and should be provided only through treating physicians. HHS justifies the rule as necessary to empower patients to take an active role in managing their health and healthcare. As anyone who has tried to interpret a laboratory test report can attest, whether the stated objectives of the new rule will be achieved has yet to be seen.
(more…)
Sidley Data Matters Contributors
Sidley Austin Privacy Group
1n-licensing@onenorth.com
European Parliament’s Civil Liberties Committee Report calls for immediate suspension of Safe Harbor
A draft report by the European Parliament’s Civil Liberties Committee (the LIBE Committee) indicates that it is attempting to fundamentally alter the existing compliance mechanisms for transferring personal data from Europe. The recently leaked draft is dated December 23, 2013 and expresses the LIBE Committee’s response to the U.S. NSA surveillance programs, surveillance in various EU Member States and the impact on EU citizen’s fundamental rights and on transatlantic cooperation (the Report).
(more…)
Sidley Data Matters Contributors
Sidley Austin Privacy Group
1n-licensing@onenorth.com
Data protection challenges in the new era of Big Data
Data Protection Law & Policy
“Data is the new oil” – This statement by Neelie Kroes in 2011 has since been on everyone’s mind and with the constant development of new technologies, the importance of data has grown dramatically over the past few years and in recognition of this it seems that we have now entered into a new era: the era of Big Data. William Long and Geraldine Scali, Partner and Associate respectively at Sidley Austin LLP explore the potential data protection issues that may arise.
View Article
William RM Long
London
wlong@sidley.com
Geraldine Scali
gscali@sidley.com
Heads Up for Privacy, Data Protection and Cybersecurity in 2014
The new year will ring in significant privacy, data protection and cybersecurity changes in the U.S., Europe, Asia and elsewhere around the world. Below are some key developments and possible concrete action items for General Counsels, Chief Privacy Officers and Chief Information Officers:
(more…)
Sidley Data Matters Contributors
Sidley Austin Privacy Group
1n-licensing@onenorth.com
European Commission makes recommendations to strengthen Safe Harbor
The European Commission has released a comprehensive package of communications, reports and papers that set out actions which the Commission believes can restore trust in transatlantic data flows between the European Union and the United States following recent concerns over access to data by intelligence agencies.
(more…)
Sidley Data Matters Contributors
Sidley Austin Privacy Group
1n-licensing@onenorth.com
European Parliament votes on new EU Data Protection Regulation
The European Parliament’s Civil Liberties Committee (the “LIBE Committee”) has after several delays finally voted on the European Commission’s proposed EU Data Protection Regulation and adopted all amendments. The LIBE Committee also approved a mandate to start negotiations with the Council of Ministers (which represents EU Member States) and the Commission – the so called trilogue process. The Regulation was published by the European Commission in January 2012 and has been described as the most lobbied piece of European legislation in history receiving over 4,000 amendments in opinions from other Committees in the European Parliament as well as from numerous industries.
(more…)
Sidley Data Matters Contributors
Sidley Austin Privacy Group
1n-licensing@onenorth.com
The UK Data Protection Authority issues a Code of practice on anonymization
In November 2012, the UK Information Commissioner’s Office (ICO) published a Code of Practice on managing data protection risks related to anonymization. This Code provides a framework for organisations considering using anonymization and explains what it expects from organisations using such processors.
One of the benefits of anonymization is that the onerous data protection obligations under EU data protection laws, including the UK’s Data Protection Act 1998, will not apply to data rendered anonymous such that individuals are no longer identifiable.
(more…)
Sidley Data Matters Contributors
Sidley Austin Privacy Group
1n-licensing@onenorth.com
Upcoming Events
Women in Privacy Networking Event
Resources
Meet the Team
Kwaku A. Akowuah
kakowuah@sidley.com
Sheila A.G. Armbrust
sarmbrust@sidley.com
Francesca Blythe
fblythe@sidley.com
Colleen Theresa Brown
ctbrown@sidley.com
John M. Casanova
jcasanova@sidley.com
Thomas D. Cunningham
tcunningham@sidley.com
Tomoki Ishiara
tishiara@sidley.com
Amy P. Lally
alally@sidley.com
David C. Lashway
dlashway@sidley.com
Linh Lieu
linh.lieu@sidley.com
William RM Long
wlong@sidley.com
Joan M. Loughnane
jloughnane@sidley.com
Geeta Malhotra
gmalhotra@sidley.com
Alan Charles Raul
araul@sidley.com
Sean Royall
sroyall@sidley.com
Jennifer B. Seale
jseale@sidley.com
Yuet Ming Tham
ytham@sidley.com
John K. Van De Weert
jvandeweert@sidley.com
Jonathan M. Wilan
jwilan@sidley.com
John W. Woods Jr.
jwoods@sidley.com