The Federal Bureau of Investigation (FBI) recently warned employers of increasing security risks from North Korean workers infiltrating U.S. companies by obtaining remote jobs to steal proprietary information and extort money...more
3/21/2025
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Homeland Security (DHS) ,
European Economic Area (EEA) ,
Extortion ,
FBI ,
General Data Protection Regulation (GDPR) ,
Hackers ,
North Korea ,
Popular ,
Remote Working ,
Risk Management
The U.S. Department of Homeland Security (DHS) recently published new security requirements for certain restricted transactions covered by the U.S. Department of Justice’s (DOJ) sensitive data export rules. ...more
2/4/2025
/ Biden Administration ,
China ,
Corporate Counsel ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Department of Homeland Security (DHS) ,
Department of Justice (DOJ) ,
Executive Orders ,
National Security ,
Restricted Transactions ,
Russia ,
Security and Privacy Controls
On December 24, 2024, New York Governor Kathy Hochul signed into law amendments to New York’s private-sector data breach notification law (General Business Law § 899-aa) and government agency data breach notification law (New...more
1/15/2025
/ Amended Legislation ,
Compliance ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Notification Requirements ,
NYDFS ,
Personal Data ,
Private Sector ,
Sensitive Personal Information ,
State Privacy Laws
The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare...more
Signed into law at the beginning of 2024, colloquially known as the New Jersey Data Protection Act (NJDPA), N.J. Stat. § 56:8-166.4 et seq. will go into effect on January 15, 2025, as New Jersey joins eighteen other states...more
The Federal Trade Commission (FTC) has a long-standing habit of creating legal obligations through blog posts. Recent communications from the FTC by way of its Office of Technology Blog evidence an aggressive expectation...more
8/19/2024
/ Anonymization ,
Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Data Protection ,
De-Identification ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Safe Harbors ,
Subject Matter Experts (SMEs)
The U.S. Department of Health and Human Services (HHS) has announced a plan to provide resources and incentives for the healthcare industry to adopt cybersecurity measures and to increase potential regulatory penalties for...more