As we noted in our previous blog here, on January 6, 2025, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking (NPRM) proposing substantial revisions...more
The HIPAA Security Rule was originally promulgated over 20 years ago.
While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more
1/31/2025
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Security Rule ,
NIST ,
Patient Privacy Rights ,
PHI ,
Proposed Rules ,
Risk Management
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a...more
1/24/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Information Technology ,
New Jersey ,
New Legislation ,
New Regulations ,
State Data Privacy Laws ,
State Privacy Laws
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a...more
1/23/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Controller ,
Data Management ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
New Jersey ,
New Legislation ,
Personal Data ,
Popular ,
Regulatory Reform ,
State Data Privacy Laws
California’s Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) give consumers substantial rights regarding the disclosure and use of their personal information collected by businesses subject to the...more
The California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) gives consumers increasingly more control over their personal information when collected by businesses subject to the law. We have...more
As reported in a June 3, 2022 press release from the House Committee on Energy and Commerce, U.S. Representatives Frank Pallone, Cathy McMorris Rodgers, and Senator Roger Wicker released a “discussion draft” of a federal data...more
The Federal Trade Commission (“FTC”) recently issued guidance clarifying protections applicable to consumers’ sensitive personal data increasingly collected by so-called “health apps.” The FTC press release indicated it has...more
A recently discovered security vulnerability potentially affecting at least 100 million Internet of Things (“IoT”) devices[1] highlights the importance of the newly enacted IoT Cybersecurity Improvement Act of 2020 (the “IoT...more
Enacted on December 4, 2020, the Internet of Things Cybersecurity Improvement Act of 2020 (the “IoT Act”) is expected to dramatically improve the cybersecurity of the ubiquitous IoT devices.[1] With IoT devices on track to...more
The California Privacy Rights Act (“CPRA”) leaps forward on cybersecurity by amending the California Consumer Privacy Act (“CCPA”) to impose enhanced protections. The CPRA enhancements apply to “for profit” companies and...more
It’s #WorkforceWednesday! This week we’re focusing on the long-term operations plans employers are putting in place due to COVID-19, whether it is utilizing extended remote work models or training their managers on return to...more
8/12/2020
/ Anti-Discrimination Policies ,
Anti-Harassment Policies ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Employer Liability Issues ,
Employment Policies ,
Hackers ,
Hiring & Firing ,
Phishing Scams ,
Policies and Procedures ,
Popular ,
Remote Working ,
Risk Mitigation ,
Wage and Hour
Time is running out. The effective date of New York’s cybersecurity law mandating that organizations implement an information security program to protect “private information” of New York State residents, including employee...more
2/6/2020
/ Cybersecurity ,
Data Management ,
Data Protection ,
Data Security ,
Gramm-Leach-Blilely Act ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Information Technology ,
New Legislation ,
NYDFS ,
Personal Data ,
Personally Identifiable Information ,
Risk Management ,
Security Standards ,
SHIELD Act ,
State and Local Government ,
State Data Breach Notification Statutes