Key Point: The Federal Trade Commission (FTC) has amended the Safeguards Rule to require non-banking financial institutions to inform the FTC within 30 days of discovering any unauthorized acquisition of unencrypted customer...more
10/31/2023
/ Amended Rules ,
Board of Governors ,
Breach Notification Rule ,
Cyber Incident Reporting ,
Data Breach ,
Data Security ,
Dodd-Frank ,
FDIC ,
Federal Trade Commission (FTC) ,
Financial Services Industry ,
GLBA Privacy ,
Gramm-Leach-Blilely Act ,
Non-Public Information ,
NYDFS ,
OCC ,
Safeguards Rule ,
Securities and Exchange Commission (SEC)
Keypoint: New Utah law creates incentive for businesses to develop and implement a written cybersecurity program to protect themselves against data breach lawsuits.
On March 11, 2021, Utah governor Spencer Cox signed the...more
3/30/2021
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
DSS ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PCI ,
Personally Identifiable Information ,
Popular ,
Risk Management ,
State and Local Government ,
State Data Breach Notification Statutes
On December 4, 2020 the President signed into law the IoT Cybersecurity Improvement Act of 2020, Pub. L. No. 116-207 (the “IoT Act”). The legislative purpose behind the new law is to ensure the highest level of cybersecurity...more
12/16/2020
/ Connected Items ,
Consumer Privacy Rights ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Cybersecurity Framework ,
Data Security ,
Department of Homeland Security (DHS) ,
Information Systems Security Program (ISSP) ,
Internet of Things ,
NDAA ,
NIST ,
Popular ,
Subcontractors ,
Technology Sector ,
Trump Administration
Key Point: California AG Becerra’s investigation into security flaws in the Glow fertility app results in a settlement agreement that resembles recent enforcement agreements in New York but is also unique in requiring the...more
Key Point: The New York Attorney General’s Office (NYAG) reached a Consent and Stipulation Agreement with Dunkin’ Brands, Inc. (Dunkin), which obligates the company to implement and maintain a comprehensive information...more
9/23/2020
/ Attorney General ,
California Consumer Privacy Act (CCPA) ,
Consumers ,
Cyber Attacks ,
Data Breach ,
Data Security ,
Dunkin' Donuts ,
Federal Trade Commission (FTC) ,
Hackers ,
Misleading Statements ,
New York ,
NYDFS ,
Perks ,
SHIELD Act ,
Zoom®
Resulting in Zoom Promising to Implement an Information Security Program, Resembling the SHIELD Act-
Key point: The Letter of Agreement between the New York Attorney General and Zoom Video Communications, Inc. provides...more
Keypoint: With just two days to go before the close of the Washington legislature, a conference committee will try to resolve conflicts between the House and Senate versions of the WPA.
As we previously reported, on...more
Key Point: The SHIELD Act increases the statutory penalties for knowing and reckless violations of the State’s data breach notification law. It also authorizes the NY Attorney General to pursue injunctive relief and monetary...more
Key Point: If signed by the Governor, the legislation will require entities doing business in New York to implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of private...more
Given the near ubiquitous coverage of proposed CCPA amendments, it may be hard to believe that any bill could fly under the radar, but that appears to be the case with AB 1035, which would amend the CCPA’s private right of...more
A surprise legislative storm ripped through Olympia, Washington last week, and the proposed Washington Privacy Act (SB-5376) took the brunt of the damage. The bill sailed through the Democrat-controlled Washington State...more
Colorado’s Protections for Consumer Data Privacy law (“new law”) takes effect on September 1, 2018 and requires that businesses holding personal information for Colorado residents destroy the data they don’t need, protect the...more