[ Wednesday, February 22, 2006 ]
Stolen Laptop = No Liability. Just saw, via Bruce Schneier's great
security blog, a very
interesting case discussing the Gramm-Leach-Bliley obligations of a financial institution to provide security regarding customer financial information. If you don't know, GLB is in many ways the financial institution analog to HIPAA. In any event, an employee of a Student Loan company had a bunch of applicant financial information on his home laptop computer (the employee telecommuted). The house was burgled, the laptop stolen and never recovered. There was never any evidence that any of the information on the laptop was used for untoward purposes, and because of the way the employee worked at home, there was no way to know whose information was on the computer at the time it was stolen anyway. But the company notified all applicants that their information might've been compromised. Even though he had suffered no damages, one applicant sued. The court threw out the suit.
This obviously has implications for the
Providence case.
Jeff [11:37 PM]
http://www.blogger.com/template-edit.g?blogID=3380636
Blogger: HIPAA Blog - Edit your Template