As technology advances, the advertising world is keeping pace. Companies can now advertise more easily and effectively across the Internet. However, the risks associated with that convenience are becoming more and more apparent.

Many companies employ third-party advertising services that use online consumer data and automated software to place advertisements across millions of websites, thousands of apps, and different user-generated video services. Unfortunately, because of this wide-reaching marketing tool, organizations employing targeted ads risk having their advertisement and brand displayed alongside offensive content. (Some types and uses of targeted ads have even faced legal challenges.)

Continue Reading Targeted Ads Using Consumer Data May Target Risky Sites (and how to prevent it)

Last week, a number of Husch Blackwell attorneys participated in the firm’s sponsorship of the 2017 South by Southwest (SXSW) Conference and Festivals in Austin, Texas. A contingency of our Healthcare attorneys attended the sessions and staffed our booth at the SXSW Trade Show’s Health Pavilion. There were several sessions focused on emerging health technology which is increasingly pushing the limits of HIPAA.

Our blog post from the SXSW Conference details some of the new technologies being developed, what this means for patient data, a quick primer on the privacy and security components of HIPAA and the Federal Trade Commission’s involvement in the topic.

Internet search giant Yahoo!Inc. (“Yahoo”) revealed last year that it was the victim of two massive data breaches back in 2013 and 2014 that potentially affected more than 1.5 billion users. Investigations into the incidents continue to reveal potentially damning information regarding what the company knew and when, how the company responded to the breaches, and the status of Yahoo’s information security at the time of the breaches. The details that have emerged paint the picture of a company that failed to adhere to basic data security requirements. Unfortunately, the technology company will likely become a case-study in what happens when an organization fails to follow security best practices.

Continue Reading Yahoo Data Breaches: A Lesson in What Not to Do

Talking with bestie on social media!Remember when Edward Snowden showed the world how easy it is for your cell phone to record everything you say? Initial gut reaction for many was something along the lines of disbelief to shock. As time went by, many people took comfort in the idea that the government could not care less about their day-to-day activities. After all—for most of us—our day consists of the daily routine of workout, work, and daily errands. Yet, spying is not limited to the intelligence community. As we have seen again and again, health information is particularly valuable. Devices such as Internet cameras (think security cameras) or perhaps even web cams (the little lens that stares from the top of your laptop) pose risks to health data. Many health entities have not considered the unique risks posed by such devices, but it is a risk the Federal Trade Commission is not ignoring. Continue Reading IoT Security: Same…Err…Stuff, Different Day

dataLocks148650499Colleges and universities frequently hire third-party vendors to provide services that involve student data—cloud storage, online education delivery, and online grade books to name a few. Although the arrangements are common, they can run afoul of the Family Educational Rights and Privacy Act (20 U.S.C. § 1232g; 34 CFR Part 99) (FERPA) and other data privacy best practices. Colleges and universities should contemplate privacy and security issues when contracting with third-party vendors and include language in the service agreement that identifies exactly what information is being shared and protects how the information can be used in the future. Continue Reading 5 simple rules for FERPA contracting compliance

Image copyright Catherine Lane 2015The beginning of a new year offers the perfect opportunity for companies to review their privacy and data security practices and make any needed adjustments. Since it is a matter of “when,” not “if,” your company will be the target of a data breach, your organization should proactively ensure that you are prepared for the inevitable. We suggest all companies resolve to do the following in 2017 to set themselves on the right course for the year: Continue Reading New Year’s ‘resolutions’ for privacy and data security

White House, U.S._166211048As the shock of Trump’s surprise election win gives way to processing the consequences of a Trump presidency, one issue that has not gotten as much attention is privacy and data security.

Trump did not say much on this topic on the campaign trail and his “vision” for cybersecurity on his campaign website is relatively thin. But we can glean some information from his public comments. As always with Trump, unpredictability is his trademark, so it is anyone’s guess whether his actions going forward will be consistent with his past statements. Continue Reading What a Trump presidency may mean for privacy and data security

Innovation - Idea - Light Bulb -92265641The IoT, or Internet of Things, connects physical devices containing software, sensors, and/or network connectivity and includes anything and everything from wearable technologies, to drones, to driverless cars. Madison Partner Mindi Giftos explains the business and legal ramifications of this technology in a piece published in In Business Madison magazine online this month.

Read more.

Hand held distress flaresMore and more frequently the following question arises: “What do we do about personal, sensitive, and business information owned by or residing with a financially troubled company?” Information is an intangible asset and often has significant value. Information increasingly resides with a party other than the owner and may need to be transferred in unexpected ways. Unfortunately, the thinking about this question often arises after financial distress is readily apparent, such as after a bankruptcy filing. Planning should occur much earlier, whether for the business in distress or in dealing with a business that could suffer financial distress (hint 1 – the latter is every business). Continue Reading Information in Distress – Part 1