On the same day that the European Commission debuted the EU-U.S. Privacy Shield, the Article 29 Working Party (WP29) issued a statement welcoming the publication of the draft “adequacy decision” of the European Commission as well as the legal texts that constitute the Privacy Shield arrangement. In accordance with its mission, WP29 said that it would […]
European Commission Debuts EU-U.S. Privacy Shield
In a development eagerly anticipated by businesses on both sides of the Atlantic, the European Commission has published the legal instruments needed to put in place the “EU-U.S. Privacy Shield” for transfers of personal data from Europe to the United States. The issued documents include a draft adequacy decision by the Commission finding that the […]
Working Paper on Internet Service Providers and Privacy Released
On February 29, The Institute for Information Security and Privacy released a Working Paper titled, “Online Privacy and ISPs: ISP Access to Consumer Data is Limited and Often Less than Access by Others.” Peter Swire, Senior Counsel at Alston & Bird and Professor at the Georgia Institute of Technology Scheller College of Business authored the […]
HHS Issues HIPAA Security Rule Crosswalk with NIST Cybersecurity Framework
Last week, the HHS Office for Civil Rights (OCR) released a crosswalk between the requirements of the HIPAA Security Rule and the NIST Cybersecurity Framework. The crosswalk – which was developed in conjunction with the National Institute of Standards and Technology (NIST) and the HHS Office of the National Coordinator for Health IT – maps each […]
Judicial Redress Act Enacted
Yesterday evening, President Obama signed the Judicial Redress Act (“the Act”) into law. The Act extends the 1974 “Privacy Act” and provides qualifying non-U.S. individuals with limited rights to review, copy, and request amendments to records about themselves maintained by federal government agencies. We previously examined a draft of the bill on this blog here. […]