Goli Mahdavi on Data Protection

California's Delete Act: A First of Its Kind Data Broker Law

On October 10, 2023, California Governor Gavin Newsom signed SB 362 into law. The “Delete Act” is intended to bridge a gap in consumer privacy rights – whereas the California Privacy Rights Act (the CPRA) grants consumers the...more

12/29/2023 / California Privacy Rights Act (CPRA) , Consumer Privacy Rights , Cybersecurity , Data Brokers , Data Collection , Data Privacy , Data Protection

A Kinder, Gentler Consumer Health Data Bill: Nevada’s SB 370

On June 16, 2023, Nevada Governor Joe Lombardo signed SB 370 into law. This new law is a consumer health data bill that is similar in many ways to Washington’s My Health My Data Act (MHMDA). SB 370, like most provisions of...more

7/27/2023 / Data Collection , Data Privacy , Data Protection , Data Selling , Data-Sharing , New Legislation , Notice Requirements , PHI , Privacy Laws

The Colorado Privacy Act applies to non-profits - is your non-profit ready?

To date, US non-profit organizations have enjoyed an exemption from the state omnibus privacy laws. That’s about to change. Unlike the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA),...more

6/9/2023 / Compliance , Data Privacy , Data Protection , Data Selling , Data Subjects Rights , Nonprofits , Notice Requirements , Personal Data , State Privacy Laws

Colorado’s “Loyalty Program” regulations are final, and they blow California’s rules out of the water

On March 15, 2023, the Colorado Attorney General’s Office announced the finalization of the Regulations implementing the Colorado Privacy Act (CPA), which will take effect on July 1, 2023. Covered businesses that make use of...more

5/30/2023 / Consumer Privacy Rights , Corporate Counsel , Customer-Loyalty Programs , Cybersecurity , Data Collection , Data Protection , State Privacy Laws

Washington My Health My Data Act: Compliance Hurdles and How to Prepare

On April 27, 2023, the Washington state governor signed into law the My Health My Data Act, also known as the MHMDA. The majority of the law’s provisions will take effect on March 31, 2024, providing companies with one...more

5/18/2023 / Compliance , Compliance Dates , Data Privacy , Data Protection , Health Insurance Portability and Accountability Act (HIPAA) , Mobile Health Apps , PHI , Privacy Laws , State Privacy Laws

Comparing the Data Protection Assessment Requirements Across the Next Generation of U.S. State Privacy Laws

What is a data protection impact assessment (DPIA)? A data protection impact assessment or data protection assessment (DPIA) is a form of risk assessment that is designed to help organizations identify, analyze and...more

11/30/2021 / Data Collection , Data Protection , Data Protection Impact Assessments (DPIAs) , Data Retention , Data-Sharing , Risk Assessment , State Privacy Laws

GDPR’s Most Frequently Asked Questions: Are processors required to fully indemnify controllers for the actions of their...

The European Union's General Data Protection Regulation ("GDPR") is arguably the most comprehensive - and complex - data privacy regulation in the world. Although the GDPR went into force on May 25, 2018, there continues to...more

4/17/2019 / Data Controller , Data Processors , Data Protection , EU , EU Data Protection Laws , General Data Protection Regulation (GDPR) , Indemnification , Indemnification Clauses , Indemnity Agreements , International Data Transfers , Personal Data

Avoiding the California Privacy and Security Litigation Tsunami: CCPA FAQ: What Are “Reasonable Security Procedures and Practices”...

Companies that do business in California know that it is a magnet for class action litigation. The California Consumer Privacy Act ("CCPA"), a new privacy law that applies to data collected about California residents, will...more

2/27/2019 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Data Privacy , Data Protection , General Data Protection Regulation (GDPR) , Security and Privacy Controls

Goli Mahdavi

BCLP

Popular Topics by This Author

Latest Posts › Data Protection