ARTIFICIAL INTELLIGENCE -
What is the Privacy Impact of the White House AI Order for Businesses? Posted November 28, 2023
Biden’s sweeping AI Executive Order sought to have artificial intelligence used in accordance...more
2/7/2024
/ Artificial Intelligence ,
Biometric Information ,
Biometric Information Privacy Act ,
Consumer Privacy Rights ,
Cross-Border Transactions ,
Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Privacy ,
Data Protection ,
Data Security ,
Healthcare ,
Legislative Agendas ,
New Legislation ,
New Regulations ,
Online Safety for Children ,
Privacy Acts ,
Privacy Laws ,
State and Local Government ,
State Privacy Laws
The FTC recently took action against the online alcohol marketplace company Drizly and its CEO for alleged security failures. The case arose from a 2018 data breach which was caused – according to the FTC – by poor security...more
In a recent letter to the UK law society, the UK Information Commissioner’s Office and the National Cyber Security Centre have provided lawyers with advice about ransomware payments...more
The New York AG recently issued information about steps companies can take to protect against credential stuffing attacks, and how to handle them if they occur. The guidance makes up a majority of a larger AG report on...more
The New York State Department of Financial Services recently announced new guidance addressing ransomware attacks, and highlighting cybersecurity measures to significantly reduce the risk of an attack. The guidance comes as...more
7/13/2021
/ Confidential Information ,
Cyber Attacks ,
Cybersecurity ,
Data Protection ,
FBI ,
Financial Institutions ,
Financial Services Industry ,
Information Technology ,
New Guidance ,
NYDFS ,
Office of Foreign Assets Control (OFAC) ,
Ransomware ,
Supply Chain
Cyberattacks have become big business, from the standpoint of both the attackers and attorneys pursuing liability compensation from corporate attack victims. Threat actors range well beyond hacker cults of old, now including...more
3/23/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Popular ,
Ransomware
Cyberattacks have become big business from the standpoint of attackers. Threat actors range well beyond cults of old, and now including sophisticated state actors, large businesses organized for the very purpose of cyber...more
During COVID-19, in certain areas of the law, we have seen significant flexibility from regulators and government agencies in how they are addressing typical approval processes and/or compliance requirements. In the context...more
During their COVID-19 preparations, companies are dusting off -and deploying- their business continuity plans. Also worth revisiting are incident response plans. Teams working remotely, if faced with a data breach, will still...more
The European Data Protection Board recently requested comments on its data protection “by design and default” guidelines. Comments are due by mid-January of next year. The Guidelines provide clarity about how to address...more
Effective October 1, 2019, organizations providing health insurance and related services must notify the Maryland Insurance Administration as part of its breach notification requirements.
In August 2019, the Maryland...more
As we recently reported, New York’s new SHIELD Act contains data security provisions. It also contains a number of key changes to New York’s existing breach notification obligations. These changes will become effective...more
New York recently passed the SHIELD Act, which, among other things, newly establishes data security requirements for companies that collect private information about New York residents. The data security protections required...more
8/27/2019
/ Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
New Legislation ,
Personally Identifiable Information ,
Policies and Procedures ,
Security Risk Assessments ,
SHIELD Act ,
State Data Breach Notification Statutes
The SEC recently issued a risk alert warning about using vendors and cloud-based platforms. Many broker dealers and investment advisors are turning to these third parties to store customer data. In its alert, the SEC’s Office...more
6/12/2019
/ Broker-Dealer ,
Cloud Storage ,
Customer Information ,
Data Outsourcing ,
Data Protection ,
Data Security ,
Data Storage Providers ,
Investment Adviser ,
Policies and Procedures ,
Regulation S-ID ,
Regulation S-P ,
Risk Alert ,
Securities and Exchange Commission (SEC) ,
Vendors
For the fourth year running, the Securities and Exchange Commission’s Office continues to list cybersecurity as one of the top enforcement priorities for 2019. As it relates to cybersecurity, the SEC will be focusing on...more
3/28/2019
/ Customer Information ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Preservation ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Storage ,
Incident Response Plans ,
Information Security ,
Investment Adviser ,
Policies and Procedures ,
Popular ,
Regulatory Agenda ,
Retailers ,
Risk Assessment ,
Securities and Exchange Commission (SEC) ,
Vendors
Ohio recently followed South Carolina as the second state to adopt cybersecurity legislation modeled after the NAIC’s Insurance Data Security Model Law. The Ohio law, Senate Bill 273, applies to insurers authorized to do...more
3/21/2019
/ Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Incident Response Plans ,
Information Security ,
Insurance Industry ,
Insurer Liability ,
New Legislation ,
Personally Identifiable Information ,
Risk Assessment ,
State Data Breach Notification Statutes ,
Third-Party Service Provider