On January 1, 2019 Vermont’s breach notice law will include obligations specific to data brokers. A “data broker” is defined as a business that “knowingly collects and sells or licenses to third parties the brokered personal...more
12/24/2018
/ Cybersecurity ,
Data Breach ,
Data Brokers ,
Data Collection ,
Data Protection ,
Data Security ,
Disclosure Requirements ,
Encryption ,
Good Faith ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Registration Requirement ,
State Data Breach Notification Statutes
In another change to US state breach notice laws in 2019, South Carolina will have new breach notice requirements for insurance companies. The requirements follow the National Association of Insurance Commissioners’ Insurance...more
12/20/2018
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Insurance Industry ,
National Association of Insurance Commissioners ,
New Legislation ,
Notification Requirements ,
Risk Assessment ,
State Data Breach Notification Statutes
As we approach 2019, companies will want to keep in mind the changes that are coming to various US states’ breach notice laws. On January 1, 2019 Iowa’s law, which has already been amended twice since it was passed in 2008,...more
12/13/2018
/ Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Encryption ,
Exemptions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Notification Requirements ,
State Attorneys General ,
State Data Breach Notification Statutes
The Federal Trade Commission recently issued a cyber guide that, while intended for small businesses, can be of help for all businesses. The purpose of the guide, which includes various modules, is to help smaller businesses...more
11/13/2018
/ Cyber Insurance ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
New Guidance ,
Phishing Scams ,
Popular ,
Risk Mitigation ,
Small Business ,
Vendor Contacts
Effective November 2, 2018, companies that suffer a breach may have certain defenses in Ohio if they have a written cybersecurity program in place. Under this new law, companies can use as an affirmative defense the existence...more
10/30/2018
/ Affirmative Defenses ,
Confidential Information ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Legislation ,
NIST ,
Policies and Procedures ,
Popular ,
Safe Harbors ,
Security Controls ,
State Data Breach Notification Statutes
The New Jersey attorney general recently announced its settlement with software company LightYear Dealer Technologies, LLC- doing business as DealerBuilt- over a 2016 data breach. The company provides its clients, car...more
The Securities and Exchange Commission recently settled with Voya Financial Advisors, Inc. for alleged violation of Regulation S-ID (otherwise known as the Identity Theft Red Flags Rule) and Regulation S-P (otherwise known as...more
10/23/2018
/ Bad Actors ,
Broker-Dealer ,
Customer Information ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Enforcement Actions ,
Fines ,
Identity Theft ,
Identity Theft Prevention Program ,
Identity Theft Red Flags Rule ,
Investment Adviser ,
Passwords ,
Personally Identifiable Information ,
Policies and Procedures ,
Regulation S-ID ,
Regulation S-P ,
Safeguards Rule ,
Securities and Exchange Commission (SEC)