No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
Editor’s Note: In this informative webcast, Christopher Wall, DPO and Special Counsel for Global Privacy and Forensics at HaystackID, moderates a compelling discussion titled “From Breach to Insight: Incident Response and PII...more
Typically, we beat the drum of the need to prepare for a data incident—anything from a full-blown ransomware attack to an employee accidently sharing data with the wrong person—by having your Incident Response Plan developed...more
Regulator proposes requiring content moderation, algorithmic transparency, data protection and security, nondiscrimination, and quality of training data - Regulators around the globe are paying close attention to the...more
Healthcare organizations collect and generate tremendous volumes of highly sensitive—and highly regulated—information about patients every day. A substantial portion of this data is personally identifiable information (PII)...more
In a recent post, we highlighted the need for a privacy and cybersecurity training program, one not solely focused on spotting phishing attempts (although that is quite important as well). A primary reason, quite simply, is...more
Government agencies are grappling with the theft of millions of taxpayer dollars through unique fraud schemes directed at state unemployment programs. Employers often are the first to discover these schemes when they learn...more
As a result of the COVID-19 pandemic, millions of Americans have deserted the physical workplace. Modern technology and remote access capabilities have made it possible to transform almost any job to a telework position. As...more
Pee-yew. A major media company, like a lot of media employers these days, has been facing difficult economic times and has had furloughs, pay cuts, and buyouts. So the surviving employees were tickled pink when they...more
With the all-encompassing distraction of keeping up with the evolving COVID-related guidances, ordinances, and regulations, many employers have forgotten the other looming problem with a capital “C” – California Consumer...more
As people across the world react to the rapid spread of COVID-19, a new threat is emerging; individuals and employers face a risk from hackers trying to take advantage of the demand for information. Hackers have begun using...more
It starts inconspicuously enough with an email. You’re busy, so without thinking, you quickly open it and view the attachment. You may have just compromised the security of your entire company and the privacy of every client....more
October is National Cybersecurity Awareness Month (NCAM). NCAM serves as a timely reminder to continue to assess and improve organizational cybersecurity. In honor of NCAM, here are five fundamental steps that every...more
When the federal government fails to assume responsibility for establishing law and policy in important federal areas of jurisdiction, the individual states then spring into action to fill the vacuum. ...more
The Internet Society’s Online Trust Alliance just released its 2018 Cyber Incident & Breach Trends Report, which says “2018–Some Better, Some Worse, All Bad.” That’s our experience, too. Below are our highlights from the...more
California’s San Diego Unified School District recently disclosed that it had sustained a data breach when multiple phishing emails from malicious hackers were used to gather login information of staff members throughout the...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
The Staff of the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission released a Risk Alert on April 16, 2019, which identifies significant Regulation S-P (Reg. S-P)1...more
Why does this topic matter to organisations? EU data protection law provides data subjects with a wide array of rights that can be enforced against organisations that process personal data. These rights may limit the...more
We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more
If you handle or maintain personal information about your employees, such as social security numbers and payroll information, you should take steps to protect that data....more
Because cybercriminals don’t take holidays, December is an appropriate time for all employers to take steps to protect tax data and identities (both their own and their employees’) in advance of the 2019 tax-filing season....more
...more
As more and more companies become victim to data loss through phishing campaigns and insider threats, and the loss of data becomes riskier, companies are struggling to address the risks through employee education efforts....more
The recent $575,000 settlement with EmblemHealth signals a push from AG Schneiderman “for stronger security laws and hold[ing] businesses accountable for protecting their customers’ personal data.” Noting New York’s “weak and...more
An immense volume of personal data (or personally identifiable information) is proliferating and flowing throughout the world. Personal data is an incredibly valuable asset to companies but data protection and privacy laws...more