Linn Foster Freedman

Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

NIST Issues Practice Guide for Electric Utilities

On February 16, 2017, the National Cybersecurity Center of Excellence released its draft practice guide for electric utilities, entitled “Situational Awareness for Electric Utilities.” The guide was developed to provide an example solution that can be used by electric utilities to alert staff to the potential for or an actual cyber-attack directed at the electric … Continue Reading

New York Financial Services Cybersecurity Regulations Go Into Effect on March 1

We have previously reported about the upcoming New York Financial Services Cybersecurity Regulations [view related posts here and here]. On February 16, 2017, Governor Andrew M. Cuomo announced that “the first-in the-nation cybersecurity regulation to protect New York’s financial services industry and consumers from the ever-growing threat of cyber-attacks will take effect on March 1, … Continue Reading

$5.5 Million Shelled Out to OCR for Alleged HIPAA Violations

Florida Memorial Healthcare Systems has agreed to pay the Office for Civil Rights (OCR) $5.5 million to settle alleged HIPAA violations relating to an incident that occurred in April 2012 that two employees accessed patient information of 106,000 patients in an unauthorized manner and with criminal intent, including their names, dates of birth, and Social … Continue Reading

Report Summarizes Healthcare Data Breaches in January 2017

Health care data breaches are not slowing. According to a report issued by Protenus, in conjunction with www.databreaches.net, the summary of healthcare data breaches in 2017 continues where 2016 left off. In January 2017, there were 31 data breaches reported to the Office for Civil Rights. The breaches resulted in the compromise of 388,307 patient … Continue Reading

Cybersecurity Threats for Treasury & Payment Management Systems Report Released

Pactera Technologies N.A., Inc. [www.Pactera.com] has released the report “Cybersecurity Threats for Treasury & Payment Management Systems: Six Things you Should Know to Manage Them.” It is easy to understand and pertinent, particularly this time of year, when we are seeing a drastic increase in phishing and scams aimed at finance departments. According to the report “[t]he … Continue Reading

New HHS Secretary Delays Effective Date of Part 2 Final Rule

We previously reported that the 30 year old regulations (last updated in 1987) relating to the disclosure of substance abuse treatment information has been updated by SAMHSA to bring it into the modern world of electronic health information [view related post]. The Part 2 Final Rule was to go into effect tomorrow (February 17, 2017). … Continue Reading

Former NSA Contractor Indicted for Theft of Government Property

The United States Department of Justice (DOJ) has announced that a former contractor of a defense contractor has been indicted for stealing over 75 percent of hacking tools belonging to the Nations Security Agency’s offensive cyber unit, as well as the ICA and Cyber Command. According to the indictment, Harold T. Martin has been charged … Continue Reading

Arby’s Investigating Payment Card Breach

Arby’s has announced that it is investigating its payment card systems after Brian Krebs first reported the incident. According to reports, malware placed on Arby restaurants’ payment card systems allowed attackers to steal credit card data at the time it was swiped in the cash register. The breach is believed to have occurred between October … Continue Reading

Children’s Medical Center of Dallas Clobbered by OCR

In a rare move by the OCR, it assessed a $3.2 million fine against Children’s Medical Center of Dallas (Children’s) after it issued a Notice of Proposed Determination against Children’s and Children’s failed to request a hearing. The Notice was issued following the OCR’s investigation of two self-reported data breaches. The first involved the theft … Continue Reading

CFOs Identify Cyber-Attacks as One of their Top Operational Risks

FM Global and CFO Research Services have partnered together and recently issued a study titled “Finance’s Role in Operational Risk Management: CFO Research on Building a Resilient Company.” The study was based on polling 100 senior financial executives from US Fortune 1000 companies. The CFOs’ top operational concerns included equipment failure, data breaches and/or cyber-attacks … Continue Reading

Major League Baseball fines Cardinals and Plucks Draft Picks for Hacking the Astros

It doesn’t always pay to be a hacker. Major League Baseball (MLB) this week made a strong statement about its tolerance for teams hacking other teams. We previously reported on the incident when a Cardinals employee hacked into the Astros database to lift information about scouting and rankings of eligible draft picks. [view related posts … Continue Reading

Facial Scan Case Dismissed Under Illinois Biometrics Law

The developers of two NBA video games were successful this week in getting a putative class action alleging violations of the Illinois Biometrics law dismissed. Two named plaintiffs alleged that the video games violated the Illinois Biometrics Information Privacy Act (BIPA) because the game developer failed to get the gamers’ permission prior to using and … Continue Reading
LexBlog