Below find a partially opened map on the confidentiality of health
information, including alcohol/drug patient records under HIPAA and 42 CFR Part 2.
Note copyright and that the map is only partially opened.
Doug Knehr, Esq.,MBA, CISSP, FIP, CIPM, CIPP/US
Below find a link to download a mind map sample pertaining to my efforts on cloud user experience considerations as per NIST recommendation.
Contact me Doug Knehr via linked in
Below find a link to download a mind map sample pertaining to my efforts on cloud security.
Contact me , Doug Knehr via linkedin to discuss cloud security.
Class Action Pleadings:
SPOKEO, INC., PETITIONER v. THOMAS ROBINS (May 16, 2016)
Spokeo Supreme Court Decision – 2016 – Douglas S Knehr Esq MBA CISSP CIPM CIPP
The case was remanded back to the lower court. The lower court incorrectly focused only on particularization of injury and failed to determine whether the alleged procedural violations entail a degree of risk sufficient to meet the concreteness requirement (“de facto” that is, it must actually exist)
Class action plaintiffs must prove standing by asserting:
- Injury in fact
- Fairly traceable to challenged conduct
- Likely to receive favorable judicial decision
Injury in fact requires a plaintiff to show that he or she suffered “an invasion of a legally protected interest” that is “concrete and particularized” and “actual or imminent, not conjectural or hypothetical”. While particularization considers the affect on the plaintiff in a personal and individual manner, concreteness is quite different from particularization and requires an injury to be “de facto,” that is, to actually exist. A “concrete” injury need not be a “tangible” injury. Statutory violation alone is not enough. Article III standing requires a concrete injury even in the context of a statutory violation. The violation of a procedural right granted by statute can be sufficient in some circumstances to constitute injury in fact. In this instance however the Supreme Court held that its’ decision doesn’t rule out that risk of real harm will not be enough.
In short, Courts will now look closely at both concreteness and particularization. How this plays out relative to cyber security breaches remains to be seen.
Below find a link to a partially opened map of my efforts breaking down GDPR.
GDPR -2016 explained -from I-2016
Below find links to relevant cases affecting international data privacy and information security
IP Addresses are personal information – Germany – 2016 (Patrick Breyer v. Federal Republic of Germany) IP Addresses Are Personal Information- Germany -2016