In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our article titled An Introduction to the EU AI Act, we focused on applicability, thresholds, timing, and penalties related to the EU...more
4/19/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Regulatory Oversight ,
Reporting Requirements ,
Risk Management ,
Risk-Based Approaches ,
Technology Sector
On December 8, 2023, European Union (EU) lawmakers reached an agreement on the EU’s AI Act. The EU AI Act has many similar themes to the EU’s General Data Protection Regulation (GDPR) and reflects a big step forward in the...more
1/25/2024
/ Artificial Intelligence ,
Biometric Information ,
Critical Infrastructure Sectors ,
EU ,
Fines ,
General Data Protection Regulation (GDPR) ,
Governance Standards ,
New Legislation ,
Noncompliance ,
Risk Management ,
Threshold Requirements
Startups face unique challenges that can impact their success and sustainability. Obstacles such as financial constraints (inadequate funding or limited cash flow) and resource constraints often result in small teams having...more
10/17/2023
/ Compliance ,
Data Collection ,
Data Privacy ,
Data Protection Impact Assessments (DPIAs) ,
Data Storage ,
Databases ,
Due Diligence ,
General Data Protection Regulation (GDPR) ,
Personal Information ,
Popular ,
Privacy Laws ,
Regulatory Requirements ,
Risk Management ,
Risk Mitigation ,
Software ,
Startups ,
Sustainability
As data privacy regulatory obligations continue to expand, more and more organizations are integrating privacy centers within their public-facing websites. Privacy Centers are portals embedded within the organizations’...more
8 11 The emergence of data protection laws has given greater meaning to how customers and businesses view consent in the context of collecting personal data from consumers. In recent years, regulations such as the General...more
The first major consumer-focused privacy regulation in the U.S., the California Consumer Privacy Act (CCPA), came into effect on January 1st, 2020, which seems like a lifetime ago. Now it’s April 2022, and there are several...more
Recent data privacy regulations like the CPRA in California, the CPA in Colorado, and the CDPA in Virginia will dramatically change how we acquire, store, manage and dispose of information in our organizations. In most major...more
4/28/2022
/ California Consumer Privacy Act (CCPA) ,
CDPA ,
Compliance ,
Data Privacy ,
Data Storage ,
Electronic Records ,
General Data Protection Regulation (GDPR) ,
Information Management ,
New Regulations ,
Personal Information ,
Risk Management ,
State Data Privacy Laws
A new trend in privacy and cybersecurity laws is the introduction of safe harbor clauses for aligning data protection controls to recognized data privacy and cybersecurity frameworks.
OHIO HB376: In July 2021, Ohio...more
8/4/2021
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NIST ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Safe Harbors
Since the General Data Protection Regulation (GDPR) went into effect in 2018, over half a dozen countries have passed similar privacy regulations and another few dozen have updated or proposed new privacy regulations. In the...more
7/12/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Regulations ,
NIST ,
Privacy Laws ,
Proposed Regulation ,
Risk Assessment