Privacy by the numbers

From Simson Garfinkel
Revision as of 13:09, 12 October 2016 by Simson

$2500 — FCRA statutory maximum penalty for actual damages in the case of willful violations; courts may add punitive damages and attorney's fees.

$5000 — The amount for a cash transaction under the Bank Secrecy Act of 1970 for which a bank must file a Suspicious Activity Report (SAR).

$10,000 — The amount for a cash transaction under the Bank Secrecy Act of 1970 for which a bank must file a Currency Transaction Report (CTR).

$25,000 — The amount for any transaction under the Bank Secrecy Act where a bank must file a Suspicious Activity Report (SAR), even if the bank does not know the identity of the perpetrator.

45 days — How many days a school has to provide records under FERPA

60 days — How many days a consumer reporting agency has to provide records under FCRA

60 days — How many days does a covered entity have to notify a person of a breach of Protected Health Information?

1 year — How often consumers may obtain one free credit report from each consumer reporting agency.

13 years — Under what age are people protected by the Children's Online Privacy Protection Act?

500 people — If a breach of Protected Health Information affects more than this number of people, the Secretary of HHS and prominent media outlets serving the state or jurisdiction must be notified.


Years

1970 — Fair Credit Reporting Act (FCRA)

1986 — Electronic Communications Privacy Act (ECPA)

1994 — Communications Assistance for Law Enforcement Act (CALEA)

1996 — Health Insurance Portability and Accountability Act (HIPAA)

1998 — Children's Online Privacy Protection Act (COPPA)

1999 — Gramm-Leach-Bliley Act (GLBA), also known as the Financial Services Modernization Act

2003 — Telephone Consumer Protection Act

2003 — Fair and Accurate Credit Transactions Act ("FACTA"), implemented the Disposal Rule (to properly dispose of paper and electronics containing consumer reports) and the Red Flags Rule (to identify patterns indicative of identity theft).

200x — Health Information Technology for Economic and Clinical Health ("HITECH") Act, extends HIPAA Security Rule to business associates

— Dodd-Frank Wall Street Reform and Consumer Protection Act