When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Back to School: 3 Essential Employee Trainings
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
Safeguard your Business: Dinsmore's Craig Horbus on Combatting the Rising Threat of ACH Fraud
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
It's Time to Think About Data Mapping Differently
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
On June 13, the Rhode Island legislature passed the Rhode Island Data Transparency and Privacy Protection Act (RIDTPPA) (H. 7787/S. 2500), with the bill passing into law on June 29....more
On 22 March 2024, the CAC published the final version of the Provisions on Promoting and Regulating Cross-Border Data Flows which took effect immediately and follows the draft published for consultation in September 2023. On...more
On June 25, 2024, the governor of Rhode Island transmitted without signature a comprehensive privacy bill, the Rhode Island Data Transparency and Privacy Protection Act (DTPPA), back to the state legislature, which is still...more
In September 2023, Delaware became the seventh state in 2023 to enact comprehensive privacy law with the Delaware Personal Data Privacy Act (DPDPA), joining Indiana, Iowa, Montana, Oregon, Tennessee and Texas. The DPDPA will...more
On April 4, 2024, Kentucky joined the rapidly growing number of states adopting a comprehensive data privacy law, when Governor Andy Beshear signed, the Kentucky Consumer Data Protection Act ("Kentucky CDPA"). The law will...more
2023 was a record-breaking year, with legislators in Delaware, Indiana, Iowa, Montana, Oregon, Tennessee and Texas passing comprehensive data privacy laws, joining California, Colorado, Connecticut, Utah and Virginia. Already...more
On April 4, Kentucky Governor Andy Beshear signed the Kentucky Consumer Data Protection Act (KCDPA) into law, making Kentucky the sixteenth state to enact comprehensive data privacy legislation and the third state to do so in...more
On March 31, 2024, the Washington My Health My Data Act (MHMDA), a comprehensive consumer health privacy law, will come into force. Small businesses – defined as those processing consumer health data of fewer than 100,000...more
New Jersey rang in the new year with the signing of a state privacy bill. On Jan. 16, Gov. Phil Murphy signed SB No. 322, stating he was proud that New Jersey had joined the ranks of states with consumer privacy bills....more
This post is part of a series of articles we are doing on 2023 data protection litigation trends. Since its enactment in 2008, Illinois’s Biometric Information Privacy Act (BIPA) has produced a wave of privacy-related...more
On January 4, 2023, the New Hampshire House of Representatives passed Senate Bill 255 (the “Act”) with amendments, setting the stage for New Hampshire to become the latest state with a comprehensive privacy law....more
In 2023, eight more states passed comprehensive data privacy legislation, adding to the six that had passed broadly applicable privacy laws in years prior. In addition, several issue-specific laws regulating health data, data...more
Oregon recently joined Vermont and California as the third state requiring data broker registration before collecting, selling, or licensing “brokered personal data.” Several types of entities are exempt from the law. These...more
As of June 25, 2023, the Oregon House and Senate have signed Senate Bill 619 (the “Act”), which previously passed in the House 54-0. The Act now moves to the Oregon Governor’s desk for signature (and is set to become law as...more
Texas, long lauded as one of the most “business-friendly” states, has passed a comprehensive privacy law that will bring new regulations to consumer personal data. The new Texas Data Privacy and Security Act (“TDPSA”), H.B....more
As we move into the summer months, state comprehensive privacy law developments continue to steadily emerge. Most notably, in the weeks since our last update, the Texas legislature passed the Texas Data Privacy and Security...more
The Washington state My Health My Data Act (MHMDA) casts a wide net of business and data it intends to regulate. Passed on April 17, the law places restrictions on the collection, sharing, and selling of “consumer health...more
Since the U.S. Supreme Court’s Dobbs v. Jackson Women’s Health Organization decision, healthcare privacy has become a more urgent issue as states such as Missouri seek to limit women from obtaining abortions in other states....more
Iowa will soon be the sixth state in the nation with a comprehensive consumer privacy law – but the good news for employers is that it does not apply to data collected in the employment context and does not include a private...more
Since the California Consumer Privacy Act (“CCPA”) was passed in 2018, employers have been watching carefully to see how the law will apply to data collected and maintained about their employees. Up until now, employment data...more
January 1, 2023, is now a more ominous deadline in the data privacy compliance world. Privacy professionals have been watching California’s 2022 legislative session to see whether California Consumer Privacy Act (CCPA)...more
The Employee Data Exemptions that existed in the original CCPA will no longer be effective in 2023 as the scope of the data protection law expands under the CPRA. In November 2020, California residents voted to adopt the...more
Unless the California legislature acts soon, the scope of information subject to the California Privacy Rights Act (“CPRA”) will include all employee or human resource-related personal information on January 1, 2023. To date,...more
Connecticut’s new consumer privacy law imposes enhanced privacy disclosures and assessment requirements on businesses, and provides consumer rights similar to those in Europe’s GDPR, the California Privacy Rights Act (CPRA),...more
The Connecticut legislature just passed Senator James Maroney's Senate Bill 6, which will provide CCPA-like privacy rights to Connecticut residents. Once signed by the Governor, Connecticut will become the fifth state—after...more