Law.com Subscribers SAVE 30%
Call 855-808-4530 or email [email protected] to receive your discount on a new subscription.
'Information Security 101'
Recent headlines have reported a startling number of security breaches and information thefts. A major university notified 120,000 of its alumni after a computer containing fundraising information including addresses and Social Security numbers was hacked by an unknown intruder; a subsidiary of the Lexis Nexis group announced that the records of 32,000 individuals may have fallen into the hands of thieves using the passwords of legitimate subscribers; Bank of America reported the loss of backup tapes containing the financial records of up to 1.2 million federal employees; payroll outsourcer PayMaxx faced allegations that it had exposed 25,000 customer records, including W-2 information, online; and cell phone provider T-Mobile released information about a hacker who was able to exploit a security weakness in a commercial software package to access customer records, sensitive government documents, private e-mail and candid celebrity photos.
These stories have caught the attention of federal lawmakers, who are proposing legislation to address the security vulnerabilities in a world where personal data is increasingly available through digital media. But computer security is already a matter of law for many companies that provide health benefits for their employees. April 20, 2005 was the effective date for regulations regarding the security of electronic health information under the Health Insurance Portability and Accountability Act of 1996 (HIPAA Security Rule). (Note, “Small health plans,” or those with less than $5 million in receipts, have an additional year to comply [April 20, 2006]. For further information on how to calculate “receipts” in determining whether your plan is “small,” go to the Centers for Medicare and Medicaid Services [CMS] HIPAA Web site: www.cms.hhs.gov/hipaa/ hipaa2 /default.asp, select “Frequently Asked Questions” and then search for “small health plans.”) As was the case with the HIPAA Privacy requirements that went into effect in April 2003, all individual or group health plans that provide or pay for the cost of health care are covered. This means employer-sponsored medical plans, medical expense reimbursement accounts, and any separate dental and vision plans, whether provided through the purchase of insurance (fully insured plans) or paid directly out of company assets (self-insured plans).
Information Covered By the HIPAA Security Rule
Major Differences In UK, U.S. Copyright Laws
This article highlights how copyright law in the United Kingdom differs from U.S. copyright law, and points out differences that may be crucial to entertainment and media businesses familiar with U.S law that are interested in operating in the United Kingdom or under UK law. The article also briefly addresses contrasts in UK and U.S. trademark law.
The Article 8 Opt In
The Article 8 opt-in election adds an additional layer of complexity to the already labyrinthine rules governing perfection of security interests under the UCC. A lender that is unaware of the nuances created by the opt in (may find its security interest vulnerable to being primed by another party that has taken steps to perfect in a superior manner under the circumstances.
Strategy vs. Tactics: Two Sides of a Difficult Coin
With each successive large-scale cyber attack, it is slowly becoming clear that ransomware attacks are targeting the critical infrastructure of the most powerful country on the planet. Understanding the strategy, and tactics of our opponents, as well as the strategy and the tactics we implement as a response are vital to victory.
Legal Possession: What Does It Mean?
Possession of real property is a matter of physical fact. Having the right or legal entitlement to possession is not "possession," possession is "the fact of having or holding property in one's power." That power means having physical dominion and control over the property.
The Stranger to the Deed Rule
In 1987, a unanimous Court of Appeals reaffirmed the vitality of the "stranger to the deed" rule, which holds that if a grantor executes a deed to a grantee purporting to create an easement in a third party, the easement is invalid. Daniello v. Wagner, decided by the Second Department on November 29th, makes it clear that not all grantors (or their lawyers) have received the Court of Appeals' message, suggesting that the rule needs re-examination.