Linn Foster Freedman

Linn Freedman practices in data privacy and security law, and complex litigation. She is a member of the Business Litigation Group and chair’s the firm’s Data Privacy and Security Team. She currently serves as general counsel to the Rhode Island Quality Institute. Linn focuses her practice on compliance with all state and federal privacy and security laws and regulations, as well as emergency data breach response and mitigation. She counsels clients on state and federal data privacy and security investigations and data breaches. Prior to joining the firm, Linn was a partner at Nixon Peabody, where she served as leader of the firm’s Privacy & Data Protection Group. She also served as assistant attorney general and deputy chief of the Civil Division of the Attorney General’s Office for the State of Rhode Island. She earned her J.D. from Loyola University School of Law and her B.A., with honors, in American Studies from Newcomb College of Tulane University. She is admitted to practice law in Massachusetts and Rhode Island. Read her full rc.com bio here.

Subscribe to all posts by Linn Foster Freedman

Privacy Tip #101 – A Recap of our Top 10 Privacy Tips

By Linn Foster Freedman and Kathryn Rattigan on August 17, 2017 Posted in Privacy Tips

Last week, our Data Privacy + Cybersecurity Insider reached a milestone—we hit our 100th privacy tip! This week, we mark that milestone with a special edition Privacy Tip: the top 10 most-viewed privacy tips. Our readers can use this list as a refresher resource for some of the most important privacy tips to remember at work and … Continue Reading

Connecticut Insurance Department Issues Bulletin on Data Security Requirements

By Linn Foster Freedman on August 10, 2017 Posted in Cybersecurity

We previously outlined the requirements of the Connecticut data breach law when it was amended in 2015, including the requirement to implement a comprehensive information security program (CISP). The law requires that Third Party Administrators (TPAs) and Pharmacy Benefit Managers (PBMs) must implement a CISP by October 1, 2017, and certify to the Connecticut Insurance … Continue Reading

Siemens Medical Equipment Vulnerable to Cyber-Attacks

By Linn Foster Freedman on August 10, 2017 Posted in Cybersecurity

The Department of Homeland Security and Siemens Healthineers has identified cybervulnerabilities in the Windows 7-based versions of Siemens PET/CT systems, SPECT systems, SPECT/CT Systems and SPECT Workplaces/Symbia.net and have issued a warning concerning the vulnerabilities. Although Siemens is working on updates for the affected diagnostic imaging systems, it is recommending that customers operate the systems … Continue Reading

Nevada Implements Law that Requires Notice for Collection of Personal Information

By Linn Foster Freedman on August 10, 2017 Posted in Cybersecurity

Nevada has become the third state in the Union to adopt a law that requires operators of websites and online services to provide notice to consumers who are Nevada residents of their practices around the collection and sharing of personal information, including consumers’ names, address, email address, telephone number, Social Security number or an identifier … Continue Reading

Privacy Tip #100 – Scary Statistics on Identity Theft of Children

By Linn Foster Freedman on August 10, 2017 Posted in Children's Privacy, Privacy Tips

It is one thing to steal our identity as an adult, but children are defenseless against this type of fraud. According to Experian, it handles 25,000-30,000 cases of identity theft and fraud every year and a whopping 17 percent affected children and the estimate is that it will affect up to 25 percent of children … Continue Reading

Hackers Could Target Airports, Planes, Satellites, Ships, Cars, and Trains

By Linn Foster Freedman on August 3, 2017 Posted in Cybersecurity

Cybersecurity for critical infrastructure continues to be of concern, including the transportation sector. A new study by ABI Research concludes that although the transportation sector continues to increase spending on cybersecurity year over year, the rapid digitization of airports, aircraft, trains, ships, and cars puts this sector at risk. The study mentions that poor cybersecurity … Continue Reading

Students 16 and Over: Check Out CyberStart!

By Linn Foster Freedman on August 3, 2017 Posted in Cybersecurity

Students 16 and over who live in Virginia, Michigan, Iowa, Hawaii, Nevada, Delaware and Rhode Island—you may be eligible to participate in a new cybersecurity skills program called CyberStart. You have to have access to the Internet and a computer to participate. CyberStart is “a forward-thinking skills program designed to supply specialist cyber security education … Continue Reading

Women’s Health Care Group Notifies 300,000 About Ransomware Attack

By Linn Foster Freedman on August 3, 2017 Posted in Data Breach

Women’s Health Care Group of Pennsylvania has notified approximately 300,000 patients that their protected health information has been compromised by a ransomware attack. Although the ransomware became active on May 16, 2017, an investigation into the attack showed that the intruders had access to the Group’s system since January of 2017. The intruders may have … Continue Reading

OCR Releases “Improved Web Tool” for Breach Reporting

By Linn Foster Freedman on August 3, 2017 Posted in HIPAA and Health Information

The Office for Civil Rights (OCR) recently issued an “improved web tool that puts important information into the hands of individuals, empowering them to better identify recent breaches of health information and learn how all breaches of health information are investigated and successfully resolved.” The tool, called “The HIPAA Breach Reporting Tool (HBRT) allows individuals … Continue Reading

Privacy Tip #99 – If you are an IoT Fanatic, this App is for You

By Linn Foster Freedman on August 3, 2017 Posted in Privacy Tips

Last January, the Federal Trade Commission (FTC) launched the IoT Home Inspector Challenge, a contest that requested participants to come up with a tool that would identify security issues that are caused by out-of-date software in IoT devices to better educate and protect consumers about the security vulnerabilities of IoT devices. To remind you of … Continue Reading

Connecticut Releases Cybersecurity Strategy

By Linn Foster Freedman on July 27, 2017 Posted in Cybersecurity

On July 10, 2017, Connecticut Governor Dannel P. Malloy released Connecticut Cybersecurity Strategy, that outlines seven key principles to assist with strengthening efforts to protect the state’s cybersecurity defenses for individuals, organizations, governmental agencies and businesses in Connecticut. The seven principles set forth in the Strategy document include: Leadership Literacy Preparation Response Recovery Communication and Verification … Continue Reading

Unusual IoT Hacking Shows Creativity of Hackers

By Linn Foster Freedman on July 27, 2017 Posted in Cybersecurity, Internet of Things

Everything connected to the Internet is hackable and at risk. But there are some things connected to the Internet that you just don’t think of as risks to an organization. That is, until now. Darktrace has issued its report Darktrace Global Threat Report 2017 that discusses nine unusual cyber threat scenarios that show, among other things, … Continue Reading

Employers Monitoring Employees Through Biochip Hand Implants

By Linn Foster Freedman on July 27, 2017 Posted in Data Privacy

On August 1, 2017, 32M, located in Wisconsin, is offering its employees the ability to have RFID chips implanted into their hands to make purchases at the company break rooms, open doors, use the copy machine and log on to their company computer. On top of that, the employer issued chip can store medical and … Continue Reading

Privacy Tip #98 – Publishers Clearinghouse Imposters are Stealing Consumers’ Money

By Linn Foster Freedman on July 27, 2017 Posted in Privacy Tips

We all dream about winning the lottery or the Publishers Clearing House folks secretly coming up our walkway and knocking on our door telling us we won millions of dollars. Well, I do. Unfortunately, because we all wish for such luck, criminals prey on our wishes and have come up with a scam where they … Continue Reading

FBI Issues Warning about Internet-Connected Toys

By Linn Foster Freedman on July 20, 2017 Posted in Children's Privacy, Cybersecurity

We previously reported about the microphone and video capabilities of Echo technology [view related post]. The FBI is also concerned about this technology being used in toys that are connected to the Internet. The FBI is so concerned that yesterday, it issued a Public Service Announcement that warns consumers that Internet-connected toys “could present privacy … Continue Reading

Ashley Madison Settles Data Breach Case for $11.2M

By Linn Foster Freedman on July 20, 2017 Posted in Enforcement & Litigation

Ashley Madison, which suffered a data breach in 2015 [view related posts here] involving the loss of 37 million users’ personal and financial information, has settled the suit for $11.2 million. Ashley Madison’s parent company previously settled data security allegations with 13 states and the Federal Trade Commission for $17.5 million, but ended up paying … Continue Reading

Unencrypted Backup Drive of 531 EEG Patients Lost

By Linn Foster Freedman on July 20, 2017 Posted in Health Information Privacy, HIPAA and Health Information

Baptist Medical Center South, located in Jacksonville, Florida has admitted that one of its backup drives has been missing since May 18, 2017. The unencrypted backup drive contained the protected health information of 531 patients who underwent an EEG at the facility between 2015 and 2017. It has not been recovered to date. The backup … Continue Reading

Privacy Tip #97 – Send Your Kid to Cyber Camp This Summer

By Linn Foster Freedman on July 20, 2017 Posted in Cybersecurity, Privacy Tips

I have lamented repeatedly that we have a dearth of cyber talent in the U.S. to meet the needs of employers. Many of our clients recruit talent from other countries in order to meet their cyber needs. The need continues to grow, and we are not addressing it adequately. Although we are starting to develop … Continue Reading

Hacker Steals Millions from Virtual Currency Exchange Bithumb

By Linn Foster Freedman on July 13, 2017 Posted in Cybersecurity

A cyber-attack against–Bithumb–one of South Korea’s largest cryptocurrency exchanges and one of the five largest in the world—has reaped access to the data of 30,000 users and drained their accounts in the process. Bithumb is one of the biggest ethereum exchanges by volume in South Korea, representing more than 44 percent of trading in that … Continue Reading

VTech Escapes Class Action Case Over Breach of 11 Million Toy Users’ Information

By Linn Foster Freedman on July 13, 2017 Posted in Enforcement & Litigation

In November 2015, VTech Electonics North America LLC (VTech) announced that an unauthorized party infiltrated its network and gained access to the personal information of 5 million adults and 6.5 million children through its Learning Lodge app store, including their names, email addresses, security questions, photographs and messages [view related post]. One month following the … Continue Reading

Three Million Wrestling Fans’ Data Compromised

By Linn Foster Freedman on July 13, 2017 Posted in Data Breach

World Wrestling Entertainment, Inc. (WWE) has announced that it is investigating a “vulnerability of [a] database” containing over three million users’ names, addresses, email addresses, dates of birth, educational background, ethnicity, earnings and children’s ages and genders. The data included social media tracking and posts from WWE stars and fans. According to the company, it … Continue Reading

Privacy Tip #96 – Consider “Who Has Your Back” as Your Next Summer Read

By Linn Foster Freedman on July 13, 2017 Posted in Privacy Tips

As you head to the beach or hammock for a bit of R+R this summer, here is one that you might want on the reading list. The Electronic Frontier Foundation (EFF) has been publishing a report entitled “Who Has Your Back” since 2010. The point of the report is to assess major digital companies’ attitude … Continue Reading

Authorities Investigating Cyber Intrusion of Numerous U.S. Nuclear Power Plants

By Linn Foster Freedman on July 6, 2017 Posted in Cybersecurity

It’s scary to think about, but anything that is online is hackable. Including critical infrastructure like nuclear power plants. It has been reported that U.S. authorities are investigating a cyber intrusion that has hit numerous nuclear power generation sites in the past few months. The attack has been named “Nuclear 17.” Although details of the … Continue Reading

Office of the National Coordinator Issues Guidance After NotPetya Attack

By Linn Foster Freedman on July 6, 2017 Posted in Cybersecurity

Following the most recent ransomware attack, known as NotPetya, (among other nicknames), many health care entities were victims of the ransomware, which prompted the Office of the National Coordinator (ONC) to issue guidance to assist health care entities in the aftermath. In two separate warnings/updates, ONC provides guidance to health care entities on what to … Continue Reading

This Blog/Website is made available by the lawyer or law firm publisher for educational purposes only as well as to give you general information and a general understanding of the law, not to provide specific legal advice. By using this blog site you understand that there is no attorney client relationship between you and the Blog/Website publisher. The Blog/Website should not be used as a substitute for competent legal advice from a licensed professional attorney in your state. Any opinions expressed on this Blog/Website are opinions only of the author, expressed at the time the material is written based on information available to the author at that time, and are not opinions of the author's law firm or any of the author's or the law firm's clients. This Blog/Website is not intended to be attorney advertising. To the extent it might be deemed to be attorney advertising, it should not be considered advertising or to be seeking legal work in any jurisdiction in which the author is not admitted to practice law (i.e., jurisdictions other than Connecticut, Massachusetts, and various federal courts).