DATA PROTECTION

H. Carol Saul, Limiting Law Firm Exposure to HITECH Act Liability: Do You Know Where Your Client’s Protected Health Information Is?, Georgia Bar Journal 24 (April 2010)

Date 04/30/2010.

Conclusion of the Article: “Although the overarching purpose of the HITECH Act [Health Information Technology for Economic and Clinical Health Act of 2010] is to provide a path for the federal government to achieve its goal of establishing widespread use of electronic health records by 2014, the HITECH Act’s reach extends more broadly than just […]

Richard Acello, Get Your Head in the Cloud, ABA Journal (April 2010 Issue)

Date 04/01/2010.

From the Article: “Interest in ‘cloud computing’ is picking up steam among lawyers for several good reasons. Proponents say its advantages center on economy, simplicity and accessibility…But some of the advantages of cloud computing also are reasons for lawyers to be cautious about its use. In particular, the fact that client data and work product […]

Center for Democracy and Technology, Protecting Privacy in Online Identity: A Review of the Letter and Spirit of the Fair Credit Reporting Act’s Application to Identity Providers

Date 03/31/2010.

CDT insists on “the need to develop some type of private or public legal regime that ensures identity providers properly safeguard consumer privacy in the emerging identity management industry”. CDT also highlighted that “If identity services are covered under the FCRA, relying parties would also have a number of important FIPs-related obligations including: Use Limitation […]

Article 29 Data Protection Working Party, Opinion 1/2010 on the concepts of “controller” and “processor”

Date 02/16/2010.

From the Executive Summary: “The concept of data controller and its interaction with the concept of data processor play a crucial role in the application of Directive 95/46/EC, since they determine who shall be responsible for compliance with data protection rules, how data subjects can exercise their rights, which is the applicable national law and […]

European Commission Decision 2010/87/EU

Date 02/05/2010.

European Commission Decision 2010/87/EU on standard contractual clauses for the transfer of personal data to processors established in third countries under Directive 95/46/EC of the European Parliament and of the Council Official Journal of the European Union L39/5, February 12, 2010   Whereas of the decision: “(2) Article 26(2) of Directive 95/46/EC provides that Member States may […]

State Bar of Arizona Ethics Opinion 09-04

Date 12/31/2009.

Arizona State Bar Association Committee on the Rules of Professional Conduct Topics: Confidentiality; Maintaining Client Files; Electronic Storage; Internet Summary of the Committee: “Lawyers providing an online file storage and retrieval system for client access of documents must take reasonable precautions to protect the security and confidentiality of client documents and information.  Lawyers should be […]

EU Directive 2009/136/EC of the European Parliament and of the Council

Date 11/25/2009.

of 25 November 2009 amending Directive 2002/22/EC on universal service and users’ rights relating to electronic communications networks and services, Directive 2002/58/EC concerning the processing of personal data and the protection of privacy in the electronic communications sector and Regulation (EC) No 2006/2004 on cooperation between national authorities responsible for the enforcement of consumer protection […]

Illinois State Bar Association Opinion 10-01

Date 07/31/2009.

ISBA Professional Conduct Advisory Opinion No. 10-01 Topic: Law firm’s maintenance of confidential information while working with third party technology vendor Digest of the ISBA: “A law firm’s utilization of an off-site network administrator to assist in the operation of its law practice will not violate the Illinois Rules of Professional Conduct regarding the confidentiality of client information […]