Two state privacy laws that pose unique applicability concerns went into effect July 1, 2024: the Oregon Consumer Privacy Act (the “OCPA”) and the Texas Data Privacy and Security Act (the “TDPSA”). Generally following the...more
On April 4, 2024, the United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) released for public comment its long-awaited proposed rules to implement the Cyber Incident...more
Effective July 1, 2024, Texas will join California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, New Jersey, Oregon, Tennessee, Utah and Virginia, with a new, general consumer privacy statute the Texas Data...more
Washington state recently enacted the My Health, My Data Act (House Bill 1155) (the “MHMD Act”), which aggressively requires all entities that collect, share, or sell consumer health data in Washington to comply with very...more
After passing the Texas Senate on May 10, 2023, the Texas Data Privacy and Security Act (the “TDPSA”) was reconciled by the conference committee between the Texas Senate and House and awaits final approval from Governor Greg...more
In the wake of the disruptive ransomware attack on the Colonial Pipeline in early May 2021, the U.S. Transportation Security Administration (“TSA”) issued two security directives to the pipeline industry. The first, Security...more
The U.S. Department of Labor (“DOL”) recently issued guidance on best practices for maintaining cybersecurity directed to plan sponsors, fiduciaries, record-keepers and participants of employee benefit plans governed by the...more
We want to enable our personnel to work from home during this health crisis. What do we need to worry about from a privacy and cybersecurity perspective?
1.Equipment. Personnel working remotely will need equipment, and you...more
As we first reported on July 24, 2019 (and updated on September 24, 2019), an amendment of New York’s data breach notification law—the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD...more
New York’s latest attempt to strengthen its breach notification requirements to protect New York residents’ private information—the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD Act...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees in...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers and are (or are jointly with...more
On two fronts, the Human Resources department has an increasingly important role in the privacy and security of an organization’s data. On the one hand, HR collects, uses, retains, stores, and disposes of personal information...more
We recently reported on New York’s latest attempt to strengthen its breach notification requirements to protect New York residents’ private information —the Stop Hacks and Improve Electronic Data Security Act, commonly...more
With the recent passage of SB 220, Nevada has become the latest state to regulate consumer privacy online by allowing individuals to opt-out of certain sales of their information. Although SB 220 is not a comprehensive data...more
The 2019 Texas legislative session recently passed a new bill on the consumer privacy front that strengthens the breach notification obligations under the Texas Identity Theft Enforcement and Protection Act (“TITEPA,” located...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees...more
Effective January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) will impose new privacy obligations on certain businesses that collect personal information of residents of California and are responsible for...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) will impose new privacy obligations on certain businesses that collect personal information of California consumers and are (or are jointly...more
The changes keep coming! In 2018, state legislatures have been active in enacting and amending data breach notification laws. With Alabama’s recent enactment, all 50 states now have data breach notification laws....more
The changes keep coming! As a follow up to our last article, we are highlighting additional amendments to various state data breach notification laws, some of which require immediate action for preparedness and compliance. ...more
We have rounded up the latest changes to data breach notification laws. During 2018, there have been several significant revisions to U.S. state data breach notification laws. Also, with the recent enactment of the Alabama...more
Please join the Locke Lord Employee Benefits and Executive Compensation Group for our 29th Annual Employee Benefits Seminar. Our attorneys will provide an overview of current developments related to employee benefit plans....more
The Food and Drug Administration (FDA) recently issued nonbinding guidance focusing on the software vulnerabilities of networked medical devices that are already on the market. The guidance focuses on the importance of...more
New York’s Cybersecurity Requirements for DFS Licensees: A New Item at the Top of the To Do List -
With a compliance date a few months away, licensees of the New York Department of Financial Services (DFS) must start...more
1/30/2017
/ Banks ,
Cybersecurity ,
Department of Energy (DOE) ,
Department of Financial Services ,
Department of Homeland Security (DHS) ,
Food and Drug Administration (FDA) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet of Things ,
Medical Devices ,
NIST ,
Personally Identifiable Information ,
Popular ,
Ransomware