Commentaries and Analyses

New York Becomes Fifth State to Define a Breach to Include “Access” to Information

Daniel De Zayas, a legal intern at ZwillGen, writes: New York has updated its breach notification and data security law, expanding the definition of a data breach and imposing detailed reasonable security requirements, among other changes. The amendment also adds a number of new data elements to the definition of “private information.” On July...

Health IT companies impacted by browser extension data leak: report

Heather Landi reports: Browser extensions, also known as add-ons or plug-ins, are commonly used by desktop Web surfers to do things ranging from blocking ads to remembering passwords to checking grammar. According to an independent security researcher, some extensions have been leaking and exposing browsing activity data, including patient names and health information from...

All clear? Server exposure from Illinois vendor with access to driver’s license data raises questions

Tina Sfondeles reports: A computer server of a vendor with city and state contracts to sell Illinois license plate stickers and Chicago vehicle stickers at currency exchanges was exposed to the Internet in May — although city and state officials insist there was no security breach. But that’s not enough for one Cook County...