Two state privacy laws that pose unique applicability concerns went into effect July 1, 2024: the Oregon Consumer Privacy Act (the “OCPA”) and the Texas Data Privacy and Security Act (the “TDPSA”). Generally following the...more
On April 4, 2024, the United States Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (“CISA”) released for public comment its long-awaited proposed rules to implement the Cyber Incident...more
Effective July 1, 2024, Texas will join California, Colorado, Connecticut, Delaware, Indiana, Iowa, Montana, New Jersey, Oregon, Tennessee, Utah and Virginia, with a new, general consumer privacy statute the Texas Data...more
Washington state recently enacted the My Health, My Data Act (House Bill 1155) (the “MHMD Act”), which aggressively requires all entities that collect, share, or sell consumer health data in Washington to comply with very...more
After passing the Texas Senate on May 10, 2023, the Texas Data Privacy and Security Act (the “TDPSA”) was reconciled by the conference committee between the Texas Senate and House and awaits final approval from Governor Greg...more
As we first reported on July 24, 2019 (and updated on September 24, 2019), an amendment of New York’s data breach notification law—the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD...more
New York’s latest attempt to strengthen its breach notification requirements to protect New York residents’ private information—the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD Act...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees in...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers and are (or are jointly with...more
On two fronts, the Human Resources department has an increasingly important role in the privacy and security of an organization’s data. On the one hand, HR collects, uses, retains, stores, and disposes of personal information...more
We recently reported on New York’s latest attempt to strengthen its breach notification requirements to protect New York residents’ private information —the Stop Hacks and Improve Electronic Data Security Act, commonly...more
The 2019 Texas legislative session recently passed a new bill on the consumer privacy front that strengthens the breach notification obligations under the Texas Identity Theft Enforcement and Protection Act (“TITEPA,” located...more
The changes keep coming! In 2018, state legislatures have been active in enacting and amending data breach notification laws. With Alabama’s recent enactment, all 50 states now have data breach notification laws....more
We have rounded up the latest changes to data breach notification laws. During 2018, there have been several significant revisions to U.S. state data breach notification laws. Also, with the recent enactment of the Alabama...more