On January 16, 2025, President Joe Biden issued the “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity,” a comprehensive directive designed to address the growing complexity and...more
1/27/2025
/ Artificial Intelligence ,
Compliance ,
Critical Infrastructure Sectors ,
Cyber Threats ,
Cybersecurity ,
Data Security ,
Encryption ,
Executive Orders ,
Federal Contractors ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Infrastructure ,
Manufacturers ,
Multi-Factor Authentication ,
Ransomware ,
Sanctions
On January 16, 2025, President Joe Biden signed the “Executive Order on Strengthening and Promoting Innovation in the Nation’s Cybersecurity.” This directive seeks to tackle the increasingly complex and evolving cybersecurity...more
1/23/2025
/ Artificial Intelligence ,
Biden Administration ,
Cyber Crimes ,
Cybersecurity ,
Data Security ,
Executive Orders ,
Infrastructure ,
Innovation ,
National Security ,
Regulatory Agenda ,
Risk Management ,
Trump Administration
Fiduciaries should be aware of recent developments involving AI, including emerging and recent state law changes, increased state and federal government interest in regulating AI, and the role of AI in ERISA litigation. While...more
1/16/2025
/ Anti-Discrimination Policies ,
Artificial Intelligence ,
Compliance ,
Data Privacy ,
Data Security ,
Department of Health and Human Services (HHS) ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Employee Training ,
Equal Employment Opportunity Commission (EEOC) ,
Fiduciary Duty ,
Health and Welfare Plans ,
Healthcare ,
OCR ,
Regulatory Requirements ,
Risk Management
The recent massive data breach at National Public Data (NPD), a background check company, has potentially compromised the personal information of millions, if not billions, of individuals, including their Social Security...more
8/26/2024
/ Credit Reports ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Security ,
Federal Trade Commission (FTC) ,
Fraud ,
Hackers ,
Identity Theft ,
IRS ,
Popular ,
Risk Assessment ,
Risk Management
Insights for this month’s article are provided by ARDA members Gregory Szewczyk, partner at Ballard Spahr Practice Leader of the firm’s Privacy and Data Security Group, and Aaron Tantleff, partner in Foley & Lardner’s...more
7/24/2024
/ Artificial Intelligence ,
Blockchain ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Compliance ,
COPPA ,
Damages ,
Data Privacy ,
Data Security ,
Documentation ,
Employee Training ,
Environmental Social & Governance (ESG) ,
FTC Act ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Machine Learning ,
Policies and Procedures ,
Popular ,
Private Right of Action ,
State Privacy Laws
On March 19, 2020, the European Data Protection Board (EDPB) adopted a statement on the processing of personal data in the context of the COVID-19 outbreak. The EDPB made it clear that while the EU’s General Data Protection...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
In the two decades since its original passage, complying with the federal Health Insurance Portability and Accountability Act (HIPAA) hasn’t gotten any easier. Enacted with the primary goal of protecting the confidentiality,...more
As recent noteworthy attacks have shown, no health care organization or provider is safe from ransomware threats, and the results of an attack can be devastating. Ransomware is a virus which limits or eliminates access to...more
5/26/2016
/ Cyber Attacks ,
Data Protection ,
Data Security ,
Email ,
Employee Training ,
Hackers ,
Health Care Providers ,
Hospitals ,
Phishing Scams ,
Popular ,
Ransomware ,
Social Media ,
Websites
On October 6, 2015, the European Court of Justice — Europe’s highest court — invalidated the Safe Harbor agreement and framework that has permitted more than 4,000 companies to transfer personal data from the EU to the U.S....more
10/7/2015
/ Binding Corporate Rules ,
Data Privacy ,
Data Protection Authority ,
Data Security ,
EU ,
EU Data Protection Laws ,
European Commission ,
European Court of Justice (ECJ) ,
Facebook ,
International Data Transfers ,
National Security Agency (NSA) ,
Personal Data ,
Prior Express Consent ,
PRISM Program ,
SCC ,
Schrems I & Schrems II ,
US-EU Safe Harbor Framework