The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers.
In...more
4/1/2024
/ China ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Free Trade Zone ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
New Regulations ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Regulatory Requirements ,
Risk Assessment ,
Security Risk Assessments ,
Sensitive Personal Information ,
Standard Contractual Clauses
New Hampshire joins New Jersey as the second state passing a data protection law in 2024. New Hampshire is the 15th overall US state to do so.
Last year proved to be a huge year in U.S. state data protection law, ending...more
Utah became the fourth U.S. state to pass an omnibus data protection law when the Utah Consumer Privacy Act was signed into law March 24, 2022.
As the page turns to a new year, a new U.S. state data protection law will...more
Efforts to Address the Lack of Federal Data Privacy Legislation in the U.S. Have Continued -
The need for federal data privacy legislation was reiterated in the House Energy and Commerce Committee’s Subcommittee on...more
8/7/2023
/ Artificial Intelligence ,
Biometric Information ,
Congressional Committees ,
Congressional Investigations & Hearings ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Legislative Agendas ,
Machine Learning ,
New Legislation ,
Pending Legislation ,
Personal Data ,
Personal Information ,
PHI ,
Policy Statement ,
Popular ,
Proposed Legislation ,
Regulatory Agenda ,
State Privacy Laws ,
TikTok ,
Tracking Systems ,
Web Tracking ,
Websites
Data privacy laws have been progressing globally, but federal legislation in the U.S. has been lacking -
Businesses are facing a growing number of data privacy regulations. This is especially apparent among those in highly...more
5/22/2023
/ Artificial Intelligence ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Compliance ,
Consumer Privacy Rights ,
COPPA ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Data-Sharing ,
Electronic Protected Health Information (ePHI) ,
EU ,
General Data Protection Regulation (GDPR) ,
PHI ,
Popular ,
Proposed Legislation ,
Ransomware ,
State Privacy Laws
The new law will require critical infrastructure entities to report certain covered cybersecurity incidents to government agencies within 72 hours; ransomware payments within 24 hours.
On March 15, President Biden signed...more
Banking organizations must notify the appropriate agency within 36 hours of certain computer-security incidents; and banking service providers must notify affected banking organizations as soon as possible in the event of an...more
12/22/2021
/ Banking Sector ,
CFTC ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
FDIC ,
Federal Reserve ,
Financial Services Industry ,
Notice Requirements ,
OCC ,
Popular ,
Securities and Exchange Commission (SEC)
Investors filed a derivative suit claiming that the company knew about, and failed to mitigate known, existing cybersecurity risks and shortfalls prior to the security breach.
In early November, pension funds and...more
12/7/2021
/ Board of Directors ,
Breach of Duty ,
Cybersecurity ,
Data Breach ,
Derivative Suit ,
Duty of Care ,
Duty of Loyalty ,
False Claims Act (FCA) ,
Federal Contractors ,
Fiduciary Duty ,
Good Faith ,
Home Depot ,
Institutional Investors ,
Marriott ,
Material Misstatements ,
Pension Funds ,
Popular ,
Security Breach ,
Shareholder Litigation ,
Shareholders ,
SolarWinds ,
Yahoo!
The updated rule also includes new exemptions, expands the definition of “financial institution,” and creates new accountability requirements.
On October 27th the Federal Trade Commission (“FTC”) adopted and published...more
11/11/2021
/ Customer Information ,
Cybersecurity ,
Data Security ,
Equifax ,
Exemptions ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Financial Services Industry ,
Gramm-Leach-Blilely Act ,
Personally Identifiable Information ,
Regulatory Requirements ,
Safeguards Rule