The European Union Cloud Services Scheme (“EUCS”) is a certification framework for cloud services introduced under the EU Cybersecurity Act. Currently still under consultation, the EUCS, once finalised, will be implemented by...more
Aside from the AI Act’s final blessing by the European Parliament earlier in March (extensively covered by our previous Monthly Notes), the past month was dominated by legislative activities across the globe in the field of...more
On September 15, 2022, the European Commission published its Proposal for a Cyber Resilience Act (CRA) which sets out new requirements for hardware and software products in the EU. The CRA applies to hardware and...more
The Situation: The health care sector is currently going through a digital transformation phase with the promise of achieving improved patient care and higher efficiency—and the implementation of cloud-based services is a...more
On 28 January 2021, the European Union Agency for Cybersecurity (ENISA) released a report on data pseudonymisation techniques (the Report)....more
On June 27, 2019, the EU Regulation on Information and Communication Technology (Cybersecurity Act or Act) became effective introducing, for the first time, EU-wide rules for the cybersecurity certification of products and...more
In this month's Privacy & Cybersecurity Update, we examine several recent U.K.-related cybersecurity developments and the SEC's risk alert reminding investment advisers and broker-dealers to follow through on implementing...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - United States and China Renew Promise Not to Hack - On October 4, U.S. and Chinese officials agreed to not engage in targeted hacking. Per a...more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
On December 28, 2016, the New York Department of Financial Services ("DFS") released a revised version of a proposed regulation that would require banks, insurance companies, and other financial services institutions...more