Photo of Deborah George

Deborah George is a member of Robinson+Cole’s Business Litigation Group as well as its Data Privacy + Cybersecurity Team. Ms. George advises clients on and focuses her practice on data privacy and security, cybersecurity, and compliance with related state and federal laws. She also has experience providing counsel in civil litigation and employment law matters. She has significant experience offering advice and counsel on legal issues related to human services agencies, including Medicaid, as well as drafting and reviewing contracts, business associate agreements, and data use agreements. Read her full rc.com bio here.

Mobile health apps are growing in popularity and their number is increasing every year. Many of us find it convenient to use an app to schedule medical appointments, check medical records, track and store health data, and check symptoms. App developers have always needed to be mindful of protecting the privacy of the information that

This is the time of year for thought pieces reflecting on the past year or so to speculate on the hot topics for next year. I began to wonder about California Consumer Privacy Act (CCPA) enforcement actions over the past year as this was something that we speculated about not that long ago. The California

The Department of Homeland Security (DHS) announced a “bug bounty” program on December 14, 2021,  called “Hack DHS.” Yes, you read that right. DHS is actually going to invite select cybersecurity “hackers” to try to hack into its systems. DHS created the program to “identify potential cybersecurity vulnerabilities within certain DHS systems and increase the

Massachusetts Governor Charlie Baker and Rhode Island Governor Dan McKee recently announced that they are considering implementing vaccine passport programs in their respective states. Baker stated that he is working with other states to use a QR code system that allows users to scan to verify vaccination status. In Rhode Island, the Department of Health

An apparent email snafu has led to the filing of a putative class action against the Phoenix Children’s Hospital. The allegations stem from an email that was allegedly sent out to 368 people that outlined the protocols for employees with approved COVID-19 vaccine exemptions. The email set forth the protocols related to accommodations for such

The state of Virginia recently enacted a law banning local law enforcement and campus police departments from using facial recognition technology. Facial recognition technology is defined as an “electronic system for enrolling, capturing, extracting, comparing, and matching an individual’s geometric facial data to identify individuals in photos, videos, or real time.” The law states that

Two more state governors, those of Maine and North Dakota, have signed bills into law that adopt the National Association of Insurance Commissioners (NAIC) data security model law (Model Law). Maine and North Dakota join several other states that have already passed similar laws. Hawaii, Idaho, Illinois, Iowa, Minnesota, Rhode Island, and Wisconsin have similar

The California State Controller’s Office (SCO) was recently a victim of phishing. According to its website, an employee of the SCO’s Unclaimed Property Division clicked on a link in an email, entered their user ID and password, and unknowingly provided a hacker with access to the email account. According to the website, “SCO has