The Privacy Compliance Group LLP (PCG) in cooperation with the Law Office of Eric Taussig (www.erictaussig.com) partners with businesses and individuals to provide assistance with compliance with Federal and State privacy laws and regulations. Businesses, whether small or large, are subject to federal and/or state privacy laws involving contractors, suppliers, employees, and customers.
The PCG provides compliance audits of applicable privacy laws for businesses in the following sectors: healthcare; retail; financial; construction; hospitality; and manufacturing to insure businesses remain in compliance with the myriad of federal and state privacy laws. PCG also provides consulting services to develop the necessary policies to keep your business in compliance with applicable privacy laws and regulations.
PCG specializes in providing counsel for compliance with international data transfer requirements imposed by the European Union (EU) and at least 50 countries outside of the United States (US) where data transfers between the US and a foreign country are regulated. In that regard, PCG will assist businesses and individuals to promulgate policies and programs for the lawful transfer of data between the US, EU, Canada, and other countries with data transfer restrictions. Further, PCG will assist clients in establishing the necessary policies to allow the use of the US Department of Commerce’s “Safe Harbor” program allowing for transfer of data to and from EU countries.
The PCG’s objectives are to insure that your business is compliant and will not be sanctioned for unintentional errors that can be very costly, nor that your customers, employees or others can bring legal actions against you for improper data disclosure or transfer. Through the affiliated Law Office of Eric Taussig, PCG provides counsel where privacy rights have been allegedly violated or compromised.
PRIVACY CONCERNS OF BUSINESSES AND INDIVIDUALS
Most every business is directly or indirectly regulated by the federal government. While you may not realize that you are subject to federal regulation – if you are involved interstate commerce, even if you are a small business that just accepts credit cards, you are regulated by federal laws that involve you, your contractors’, suppliers’, employees’ and customers’ privacy rights. Below are many of the federal statutes that you need to be cognizant of and that may require your compliance.
FEDERAL STATUTES THAT IMPACT BUSINESS AND INDIVIDUALS BY CATEGORY
The Electronic Communications Privacy Act of 1986
The Telephone Consumer Protection Act 1991
Do Not Call Implementation Act of 2003
Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (also known as the “Can Spam Act”)
Communications Assistance for Law Enforcement Act
FEDERAL GOVERNMENT DATA COLLECTION
Census Confidentiality Statute of 1954
Freedom of Information Act (1966)
Privacy Act of 1974
Computer Security Act of 1987
E-Government Act of 2002
Fair Credit Reporting Act (1970)
Right to Financial Privacy Act (1978)
Taxpayer Protection Act (1997)
Gramm-Leach- Bliley Act (1999)
Sarbanes –Oxley Investor Protection Act of 2002
Dodd-Frank Wall Street Reform and Consumer Protection Act (2010)
Health Insurance Portability and Accountability Act of 1996
Patient Protection and Affordable Care Act of 2010
CHILDREN / MINORS
Family Education Rights and Privacy Act (1974)
Children’s Online Privacy Protection Act of 1998
MISCELLANEOUS FEDERAL STATUTES PROTECTING PRIVACY
Privacy Protection Act of 1980
Cable Communications Policy Act of 1984
Video Privacy Protection Act of 1988
Employee Polygraph Protection Act of 1988
Driver’s (License) Privacy Protection Act of 1994
Federal Trade Commission Act – Enforcing privacy policies and statutes –
Do not track on internet
The PCG can also counsel you and your business on constitutional protections and issues as developed by the courts such as “associational privacy”, “speech privacy”, “marital” and “reproductive” privacy, governmental intrusion and “informational” privacy.
EU PRIVACY DIRECTIVE
The Data Protection Directive (officially Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data) is a European Union directive adopted in 1995 which regulates the processing of personal data within the European Union. It is an important component of EU privacy and human rights law. On January 25, 2012, the European Commission unveiled a draft European General Data Protection Regulation that will supersede the Data Protection Directive. In the EU the right to privacy is a highly developed area of law. All the member states of the EU are also signatories of the European Convention on Human Rights (ECHR). Article 8 of the ECHR provides a right to respect for one’s “private and family life, his home and his correspondence,” subject to certain restrictions. The European Court of Human Rights has given this article a very broad interpretation in its jurisprudence as evidenced by the EU’s enforcement action against Google and other entities.