As a general rule, the Children’s Online Privacy Protection Act (COPPA) requires operators of websites (including mobile apps) directed to children under the age of 13 to obtain verifiable parental consent before collecting personal information from those users. COPPA sets forth a non-exhaustive list of acceptable methods for obtaining parental consent. For example, operators can

According to a recent survey by KPMG, eighty percent (80%) of health care executives report that their information technology systems have been compromised by cyber attacks. Most healthcare institutions, the survey found, lack sufficient tracking and reporting capabilities and are failing to report and manage threats that are occurring on a daily basis.

Daily threats

Is a hospital a “consumer reporting agency”?  Can a health care provider be liable under the Fair Credit Reporting Act (FCRA) in the event of a data breach?  The Seventh Circuit Court of Appeals recently considered these significant questions in the case of Tierney v. Advocate Health & Hosps. Corp. (7th Cir., No. 14-3168, August

Public Act 15-88 is the first comprehensive law in Connecticut to address telemedicine (also referred to as “telehealth”), and to establish regulatory requirements for providing telehealth services, and mandates certain insurance coverage for such services. Telehealth is a mode of delivering health services to patients via information and communication technologies to facilitate the diagnosis, consultation

The Electronic Frontier Foundation (EFF) recently released its fifth annual report evaluating the practices of several online service providers with regard to government access to user data. The report rates the major online providers on a five star scale measuring their efforts to promote transparency and protect user privacy in the face of government data