Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

CFOs Beware: You are Being Targeted by Nigerian Hackers

By Linn Foster Freedman on December 13, 2018 Posted in Cybersecurity

A report released by cybersecurity firm Agari has come to a conclusion that we have experienced all year—that a hacking group in Nigeria, dubbed “London Blue,” is targeting CFOs and Controllers in small businesses to multinational corporations to trick them into sending funds through wire transfers. We have seen too many of them, and the … Continue Reading

Addressing Insider Threats

By Linn Foster Freedman on December 13, 2018 Posted in New + Now

In data privacy and security jargon, an insider threat usually includes: an employee who creates a security risk due to a lack of awareness or carelessness, but doesn’t mean to do anything wrong (clicks on a phishing email and introduces malware or ransomware into the system) an employee who creates a security risk for his … Continue Reading

Privacy Tip #169 – What to Do When You Get the Breach Notification Email from Starwood Hotels/Marriott

By Linn Foster Freedman on December 13, 2018 Posted in Data Breach, Privacy Tips

I knew I would get it. It was just a matter of time. The dreaded breach notification email from Starwood Hotels/Marriott hit my inbox this Monday. As you know, I am one that is serious about data privacy. I have received notification of data breaches of my information before, and what irks me is that … Continue Reading

Advanced Care Hospitalists Settles with OCR for $500,000 for Alleged HIPAA Violations

By Linn Foster Freedman on December 12, 2018 Posted in HIPAA and Health Information

The Office for Civil Rights has announced that it has settled with Lakeland, Florida based Advanced Care Hospitalists (ACH) for $500,000 for allegations of an impermissible disclosure of protected health information by one of its business associates. ACH provides contract internal medicine physicians to nursing homes and hospitals. According to the press release, between November … Continue Reading

Cybercriminals Recruiting Employees on the Dark Web to Assist with Fraud Schemes

By Linn Foster Freedman on December 6, 2018 Posted in Cybersecurity

Darkreading.com has issued a survey entitled: Monetizing the Insider: The Growing Symbiosis of Insiders and the Dark Web which states that malicious insiders are responsible for 27 percent of all cybercrime. This statistic confirms that cybercriminals are increasingly recruiting insiders by using the dark web as a recruiting tool. So not only do businesses have … Continue Reading

Use of Multifactor Authentication

By Linn Foster Freedman on December 6, 2018 Posted in New + Now

This has been quite the year of O365 intrusions. The story seems to be almost identical in each security incident we investigate this year, and it goes like this: Employee receives a pop-up message from Microsoft advising employee that s/he must change his or her password for security purposes. Employee types his or her user … Continue Reading

Privacy Tip #168 – USPS Security Vulnerability Affects More Than 60 Million

By Linn Foster Freedman on December 6, 2018 Posted in Privacy Tips

We previously commented on the risks around the United State Postal Service’s (USPS) “Informed Visibility” service, which allows customers to preview their mail to inform them when it will be delivered. Some security experts recommend that customers opt out of the program so an account cannot be opened in your name. Last week, it was … Continue Reading

IoT Security Challenges are Costly

By Linn Foster Freedman on November 29, 2018 Posted in Cybersecurity, Internet of Things

Some analysts have predicted that by 2020, there will be 20 billion Internet of Things (IoT) connected devices worldwide, which could grow to over 80 billion by 2025. Sales of IoT devices were $80 billion in 2017, and are predicted to grow to $1.4 trillion by 2021. With the exponential growth of IoT devices, experts … Continue Reading

2.6 Million Atrium Health Patient Records Compromised by Vendor AccuDoc

By Linn Foster Freedman on November 29, 2018 Posted in Data Breach

Atrium Health and its vendor, AccuDoc Solutions, released a joint announcement this week that AccuDoc’s database of 2.6 million billing records of Atrium Health’s patients has been compromised by a hacking incident. The information contained in the database included patient names, addresses, dates of birth, health insurance information, account balances, dates of service and some … Continue Reading

Vendor Management

By Linn Foster Freedman on November 29, 2018 Posted in New + Now

A challenging risk management project that many clients are undertaking is vendor management. Ever since the Target breach, when an HVAC vendor’s employee clicked on a phishing email that allowed an intruder to compromise Target’s system, vendor management has been an issue to be addressed by company data privacy and security teams. Vendor management is … Continue Reading

Privacy Tip #167 – IRS Issues Warning About Tax Transcript Scam

By Linn Foster Freedman on November 29, 2018 Posted in Privacy Tips

The Internal Revenue Service (IRS) has issued a warning to consumers about an email that appears to come from “IRS Online.” The email is designed to get the recipient to click on an attachment labeled “Tax Account Transcript” or “tax transcript,” which is infected with the Emotet malware. Tax transcripts are summaries of your tax … Continue Reading

Mozilla Adds Website Breach Alerts for Consumers and Evaluates Security of Products

By Linn Foster Freedman on November 21, 2018 Posted in Cybersecurity

Mozilla recently announced that it is adding a new security feature to its Firefox Quantum web browser that will alert users when they visit a website that has reported a data breach in the last 12 months. Although consumers can visit Have I Been Pwned [view related post] to determine if their email has been … Continue Reading

Record Retention

By Linn Foster Freedman on November 21, 2018 Posted in New + Now

An ongoing and frequent request is to assist clients with record retention guidelines and migration from storing massive amounts of paper records to an electronic system. How to do this correctly cannot be fully encapsulated in a blog post, but here are a few thoughts to consider when tackling this cumbersome process. There are very … Continue Reading

Privacy Tip #166 – Black Friday Shopping Risks

By Linn Foster Freedman on November 21, 2018 Posted in Privacy Tips

It’s that time. The holidays and shopping deals on Black Friday and Cyber Monday. Here is some helpful information to consider while shopping this weekend. A new study from RiskIQ—its 2018 Black Friday E-commerce Blacklist states that “This Thanksgiving weekend, threat actors are poised to claim a pretty big slice of the e-commerce pie.” How, you … Continue Reading

Ransomware Continues to Be Top Threat to Small Companies

By Linn Foster Freedman on November 15, 2018 Posted in Cybersecurity

According to a new report by Datto, Inc. (its third annual Global State of the Channel Ransomware Report), ransomware continues to be the top cyber-attack experienced by small- and medium-sized companies. Some managed service providers were surveyed in Singapore, the Asia-Pacific region and across the globe. Fifty-five percent of them said their clients had experienced … Continue Reading

Phishing Attack Causes Breach at Southwest Washington Regional Surgery Center

By Linn Foster Freedman on November 15, 2018 Posted in Data Breach

Phishing attacks continue to hit health care providers and experts say the attacks will become even more frequent in 2019. As previously reported, the largest breach of health care information was recently settled by Anthem, which involved almost 80 million individuals’ information, all caused by a phishing email sent to one individual at Anthem [view … Continue Reading

IoT Sensors Collect Real Time Oceanographic Data

By Linn Foster Freedman on November 15, 2018 Posted in Internet of Things

The Australian Institute of Marine Science is using an IoT drifter manufactured by Myriota to collect oceanographic data in almost real time. The drifters connect to low Earth orbit (LEO) satellites, so they are not using traditional mobile telephone networks, and avoid connectivity issues. The drifters monitor ocean conditions, including water temperatures, currents and barometric … Continue Reading

Test Your Incident Response Team (a/k/a Tabletop Exercises)

By Linn Foster Freedman on November 15, 2018 Posted in New + Now

I have been conducting a lot of tabletop exercises lately, so it seems timely to mention the concept now for those who many not know what they are or how to get one scheduled for your organization. What is a tabletop exercise and why is it relevant to your business? I am not sure who … Continue Reading

Privacy Tip #165 – Scammed Through MoneyGram? You Might be Eligible for a Refund

By Linn Foster Freedman on November 15, 2018 Posted in Privacy Tips

Criminals have been able to get individuals to wire funds to them for years. It is an old scam that still works. One of the companies that have been used by criminals in the past for wire fraud is MoneyGram, which was sued by the Federal Trade Commission (FTC) in 2009 and required to put … Continue Reading

Radisson Loyalty Program Compromised

By Linn Foster Freedman on November 8, 2018 Posted in Data Breach

Radisson Hotel Group has notified some of its global loyalty program customers that hackers have stolen their personal information, including their names, addresses, email addresses, and in some cases, their employment and employers’ name and telephone number, rewards member number and frequent flyer numbers. When it discovered the compromise, it hired investigators and revoked access … Continue Reading

Test Your Employees with Internal Phishing Campaigns

By Linn Foster Freedman on November 8, 2018 Posted in New + Now

Phishing campaigns continue to be one of the most successful ways for malicious intruders to access company information, including personal information of employees and customers. Phishing emails continue to get more and more sophisticated and employees continue to fall victim to them, often putting the entire company at risk. Typical successful phishing campaigns end with … Continue Reading

Privacy Tip #164 – Identity Thieves Using USPS Informed Delivery to Open Fraudulent Credit Card Accounts

By Linn Foster Freedman on November 8, 2018 Posted in Privacy Tips

The United State Postal Service (USPS) launched a program called “Informed Delivery” with the goal to assist consumers in protecting themselves from identity theft. The program allows consumers to register an account on usps.gov which allows one to view scanned images of all of their incoming mail for free. However, it is being reported that … Continue Reading

Election Day: Five Security Experts Conclude that Georgia’s Online Voter Database is Easily Hackable

By Linn Foster Freedman on November 6, 2018 Posted in Data Breach, Data Security

According to reports by WhoWhatWhy and the Associated Press, five security experts have confirmed a private citizen’s allegation that the Georgia Online Voter Database contains a major security flaw and is vulnerable to hackers. According to one of the experts from the University of Michigan, anyone with access to an individual voter’s personal information could … Continue Reading

FTC Announces Cybersecurity Resources for Non-Profits

By Linn Foster Freedman on November 1, 2018 Posted in Cybersecurity

Non-profit organizations collect, use and disclose personal information just like any other for-profit industry. However, non-profit organizations often don’t have the same resources to devote to data security as their for-profit counterparts. The risk is the same, but the ability to defend and respond is more challenging due to more limited resources that can be … Continue Reading

This Blog/Website is made available by the lawyer or law firm publisher for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. By using this blog site you understand that there is no attorney client relationship between you and the Blog/Website publisher. The Blog/Website should not be used as a substitute for competent legal advice from a licensed professional attorney in your state. Any opinions expressed on this Blog/Website are opinions only of the author, expressed at the time the material is written based on information available to the author at that time, and are not opinions of the author's law firm or any of the author's or the law firm's clients. This Blog/Website is not intended to be attorney advertising. To the extent it might be deemed to be attorney advertising, it should not be considered advertising or to be seeking legal work in any jurisdiction in which the author is not admitted to practice law (i.e., jurisdictions other than Connecticut, Massachusetts, and various federal courts).