Demian Ahn on Data Protection

Not Just for DoD Anymore: New Proposed CUI Rule to Apply to All Federal Contractors

On January 15, 2025, the Federal Acquisition Regulatory (FAR) Council issued a proposed rule that, if adopted, would uniformly define and protect Controlled Unclassified Information (CUI) across the government. The proposed...more

1/24/2025 / Cybersecurity , Data Protection , Department of Defense (DOD) , Federal Acquisition Regulations (FAR) , Federal Contractors , Proposed Rules , Reporting Requirements , Risk Management

HHS-OCR Announces Proposed Modifications to the HIPAA Security Rule

The U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) has announced proposed modifications to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (the Proposed Rule). The...more

1/15/2025 / Business Associates , Compliance , Cybersecurity , Data Privacy , Data Protection , Data Security , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Insurance Portability and Accountability Act (HIPAA) , Proposed Rules

New Year, New Developments: 2025 U.S. Privacy, Cybersecurity, and Consumer Protection Predictions

With Inauguration Day just around the corner, we are likely to see a host of new legislative and enforcement initiatives at the federal level. The Federal Trade Commission (FTC) will shift certain priorities under incoming...more

1/8/2025 / Artificial Intelligence , Consumer Privacy Rights , COPPA , Cybersecurity , Data Brokers , Data Privacy , Data Protection , Federal Trade Commission (FTC) , Privacy Laws , State Privacy Laws

Cybersecurity: A Critical Element in Your 2025 Business Forecast

As cyberattacks become more sophisticated, cybersecurity remains a top concern for regulators, consumers, business partners, and investors. Weak security can cause substantial harm to a company and lead to litigation,...more

10/1/2024 / Artificial Intelligence , Board of Directors , Business Operations , Cybersecurity , Data Controller , Data Protection , EU , EU Data Protection Laws , Financial Services Industry , General Data Protection Regulation (GDPR)

New Executive Order Restricts Certain Cross-Border Transactions Involving Sensitive Personal Data of U.S. Citizens

On February 28, 2024, President Biden signed Executive Order 14117 (the Order) aimed at protecting Americans’ sensitive personal data and U.S. Government-related data from exploitation by “countries of concern.” This move...more

3/7/2024 / Biden Administration , Cross-Border Transactions , Data Privacy , Data Protection , Data Security , Executive Orders , International Data Transfers , Personal Data , Personally Identifiable Information

Cybersecurity: What to Watch for in 2024

In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more

1/4/2024 / Artificial Intelligence , Biden Administration , Cyber Attacks , Cyber Crimes , Cyber Threats , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , EU , Federal Contractors , Financial Institutions , Hackers , Popular , Reporting Requirements , Securities and Exchange Commission (SEC)

FTC Amends Safeguard Rule with Requirement for Non-Banking Financial Institutions to Report Data Security Breaches

On October 27, 2023, the Federal Trade Commission (FTC) announced it is amending the Safeguards Rule of the Gramm-Leach-Bliley Act (GLBA) to include a requirement for non-bank financial institutions to report certain data...more

11/7/2023 / Cyber Attacks , Cyber Incident Reporting , Cybersecurity , Data Breach , Data Protection , Data Security , Federal Trade Commission (FTC) , Gramm-Leach-Blilely Act , Hackers

New Proposed Rules Published for Cyber Incident Reporting and Cybersecurity Requirements Will Have Major Impacts on Federal...

Reflective of the Government’s increasing focus on cybersecurity, on October 3, 2023, the Federal Acquisition Regulation Council (FAR Council) released two new proposed rules that will have major impacts on federal...more

10/31/2023 / Cybersecurity , Data Protection , Data Security , Department of Justice (DOJ) , Federal Acquisition Regulations (FAR) , Federal Contractors , Reporting Requirements

SEC Adopts Cybersecurity Disclosure Rules for Public Companies

On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) approved final rules requiring that public companies report material cybersecurity incidents as well as disclose their cybersecurity risk management,...more

8/2/2023 / Cyber Attacks , Cybersecurity , Data Breach , Data Protection , Disclosure Requirements , Final Rules , Publicly-Traded Companies , Securities and Exchange Commission (SEC) , Securities Regulation

White House Releases National Cybersecurity Strategy: Key Takeaways for the Private Sector

On March 2, 2023, the White House released its National Cybersecurity Strategy (the Strategy). The Strategy sets out ambitious goals for the federal government to hold countries accountable for irresponsible behavior in...more

3/15/2023 / Cyber Attacks , Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , International Data Transfers , Personal Data , Personally Identifiable Information , Privacy Laws

DOJ Acknowledges Limits to the CFAA, but Questions (and Possible Civil Liability) Remain for Security Researchers and Others

On May 19, 2022, the U.S. Department of Justice (DOJ) revised its policy regarding charging decisions under the Computer Fraud and Abuse Act (CFAA). The new policy makes clear, "for the first time," that the DOJ "should...more

5/26/2022 / Computer Fraud and Abuse Act (CFAA) , Cyber Attacks , Cyber Crimes , Cybersecurity , Data Breach , Data Protection , Department of Justice (DOJ) , Hackers

Demian Ahn

Wilson Sonsini Goodrich & Rosati

Popular Topics by This Author

Latest Posts › Data Protection