In the Federal Trade Commission’s (“FTC”) first action related to connected vehicle data, the agency announced that it reached a settlement with General Motors (“GM”) over GM’s unauthorized collection, use, and sale of driver...more
On January 16, 2025, the Federal Trade Commission (“FTC”) announced its Final Rule amendments to the Children’s Online Privacy Protection Act (“COPPA”) Rule, which imposes requirements on website and online service operators...more
The Department of Justice (“DOJ”) published its final regulations on “Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons” (the “Final Rule”). The Final...more
2/3/2025
/ Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Enforcement Actions ,
Executive Orders ,
Federal Contractors ,
Final Rules ,
National Security ,
Recordkeeping Requirements ,
Regulatory Requirements ,
Risk Management ,
Sensitive Personal Information
The Office for Civil Rights (“OCR”) under the U.S. Department of Health and Human Services (“HHS”) recently issued a Notice of Proposed Rulemaking (the “Proposed Rule”) to modify the Health Insurance Portability and...more
The Consumer Financial Protection Bureau (“CFPB”) has published a Notice of Proposed Rulemaking (“NPRM”) titled “Protecting Americans From Harmful Data Broker Practices” 89 Fed. Reg. 101402 (Dec. 13, 2024). If adopted in its...more
On October 24, 2024, the Consumer Financial Protection Bureau (“CFPB”) issued a circular titled “Background Dossiers and Algorithmic Scores for Hiring, Promotion, and Other Employment Decisions.” In essence, the circular...more
SEC Cybersecurity Rule Fact Sheet What Is the New Rule? In late July 2023, the SEC adopted new rules that will require publicly traded companies to: disclose cybersecurity incidents within four business days of determining...more
Summary - On July 10, 2023, the European Commission issued an adequacy decision for the EU-U.S. Data Privacy Framework (“EU-U.S. DPF” or “DPF”). The decision concludes that the U.S. ensures an adequate level of protection...more
On March 28, 2023, Iowa became the sixth state to pass a comprehensive consumer privacy law, joining California, Colorado, Connecticut, Utah, and Virginia. The Iowa Act Relating to Consumer Data Protection (“ICDPA”) will...more
The federal government is the latest employer to adopt fair chance hiring requirements for certain parts of its workforce and contractors. The goal being to assist qualified workers with a criminal history to compete for...more
2/1/2022
/ Ban the Box ,
Conditional Job Offers ,
Criminal Background Checks ,
Employer Liability Issues ,
Employment Discrimination ,
Fair Chance Act ,
Federal Contractors ,
Federal Employees ,
Government Agencies ,
Hiring & Firing ,
Job Applicants ,
Labor Regulations
Started in Europe in 2007, Data Privacy Day, or Data Protection Day as it is known internationally, is an international effort that takes place annually on January 28 to create awareness of the importance of data privacy. In...more
1/28/2022
/ California Consumer Privacy Act (CCPA) ,
Data Mapping ,
Data Privacy ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personally Identifiable Information ,
Policies and Procedures ,
Regulatory Standards
In this episode, AGG partner and co-chair of the firm’s Data Privacy Practice, Kevin L. Coy, and Data Privacy associate, Erin E. Doyle, discuss the federal Fair Chance to Compete for Jobs Act, provide an overview of state and...more
Arnall Golden Gregory LLP's Food & Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community and highlights articles from members of our Food & Drug practice, as well as from...more
The Michigan Supreme Court has ordered Dates of Birth (DOBs) to be redacted when releasing court records, which will make background checks involving Michigan court records more difficult. While the effective date for this...more
On July 7, 2021, Colorado Governor Jared Polis signed into law S.B. 21-190, known as the Colorado Privacy Act (“CPA”). Colorado is now the third U.S. state to enact comprehensive consumer data privacy legislation, following...more
8/6/2021
/ Colorado ,
Consumer Privacy Rights ,
Data Collection ,
Data Controller ,
Data Privacy ,
Data Protection ,
Opt-Outs ,
Personal Data ,
Privacy Laws ,
Right of Access ,
State Privacy Laws
Arnall Golden Gregory LLP's Food & Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community and highlights articles from members of our Food & Drug practice, as well as from...more
7/26/2021
/ Cybersecurity ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Home Health Care ,
Life Sciences ,
Medical Devices ,
Medicare ,
OPDP ,
Pharmaceutical Industry ,
Pharmacies ,
Popular ,
Prescription Drugs ,
State Privacy Laws
With the recent enactment of Virginia’s Consumer Data Privacy Act (VCDPA), and similar bills under consideration in several state legislatures, healthcare and life sciences companies are considering how these new laws are...more
Arnall Golden Gregory LLP's Food & Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community and highlights articles from members of our Food & Drug practice, as well as from...more
The European Commission (“EC”) has adopted a long-awaited new set of standard contractual clauses (“SCCs”) for the transfer of personal data to parties in third countries outside the European Union (“EU”) and European...more
6/18/2021
/ Data Controller ,
Data Processors ,
Data Protection ,
EU ,
European Commission ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
Illinois recently enacted SB 1480, which took effect immediately upon signing on March 23, 2021, and includes amendments to the Illinois Human Rights Act (“IHRA” or Act), making it a civil rights violation for an employer to...more
A recent case out of the Northern District of California serves as a reminder to employers and background screening vendors that the disclosure form required by the Fair Credit Reporting Act (“FCRA”) to be presented to job...more
On March 2, 2021, Virginia Governor Ralph Northam signed into law the Virginia Consumer Data Protection Act (VCDPA), making Virginia the second state, after California, to enact general data privacy legislation. The VCDPA...more
4/13/2021
/ CDPA ,
Consumer Privacy Rights ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Security ,
Opt-Outs ,
Personal Data ,
Privacy Laws ,
Right to Delete ,
State Privacy Laws ,
Virginia
In this episode, AGG’s Food & Drug team leader, Alan G. Minsk, and co-chair of AGG's Data Privacy practice, Kevin L. Coy, discuss U.S. and international privacy and data security law issues life sciences companies may...more
Arnall Golden Gregory LLP's Food & Drug Newsletter is a monthly update of legal and regulatory issues that affect the FDA-regulated community and highlights articles from members of our Food & Drug practice, as well as from...more
3/29/2021
/ Advertising ,
Endorsements ,
Enforcement Actions ,
Food and Drug Administration (FDA) ,
Marketing ,
Medical Devices ,
Misleading Impressions ,
OPDP ,
Pharmaceutical Industry ,
Prescription Drugs ,
Warning Letters ,
Websites
It is a good time to review your website and its accompanying terms and conditions and privacy policies. From year to year, the legal landscape evolves with changes being driven by technological advancements, shifting...more