Pursuant to President Biden’s March Executive Order, the DOJ has proposed new rules limiting the transfer of certain categories of data to “countries of concern” or “covered persons”....more
12/13/2024
/ China ,
Covered Person ,
Covered Transactions ,
Data Security ,
Department of Justice (DOJ) ,
International Data Transfers ,
Personal Data ,
Proposed Rules ,
Russia ,
Sensitive Personal Information ,
Venezuela
As the development and use of AI continues to grow, the potential for security and safety incidents harming organizations and the public increases. Updated reporting and tracking processes for AI security and safety incidents...more
5/14/2024
/ Artificial Intelligence ,
Biden Administration ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Security ,
Executive Orders ,
Machine Learning ,
National Security Agency (NSA) ,
NIST ,
Proposed Legislation
Kentucky joins the growing trend of U.S. state data protection laws with well over a dozen now in place across the country.
Last year proved to be a huge year in U.S. state data protection law, ending with 13 U.S. states...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers.
In...more
4/1/2024
/ China ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Free Trade Zone ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
New Regulations ,
Personal Information ,
Personal Information Protection Law (PIPL) ,
Regulatory Requirements ,
Risk Assessment ,
Security Risk Assessments ,
Sensitive Personal Information ,
Standard Contractual Clauses
New Hampshire joins New Jersey as the second state passing a data protection law in 2024. New Hampshire is the 15th overall US state to do so.
Last year proved to be a huge year in U.S. state data protection law, ending...more
Utah became the fourth U.S. state to pass an omnibus data protection law when the Utah Consumer Privacy Act was signed into law March 24, 2022.
As the page turns to a new year, a new U.S. state data protection law will...more
Data Breaches risk legal consequences—both from state and federal governments and consumers, as well as reputational harm.
Last month, MCNA—a dental benefit provider—provided notice of a data breach that exposed the...more
6/8/2023
/ Covered Entities ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Dental Practice ,
Health Care Providers ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
PHI ,
Popular
Some states will affirmatively require annual audits of a business’s data collection and processing practices and—in some cases—to submit those audits to state regulators.
With new US state data protection laws taking...more
2/7/2023
/ Audits ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Protection Impact Assessments (DPIAs) ,
Data Security ,
Personal Information ,
Privacy Laws ,
State Privacy Laws ,
Subcontractors ,
Third-Party Service Provider
The new guidelines provide insight into how businesses can submit applications to the CAC in order to obtain approval via the CAC security assessment cross-border data transfer requirement.
As of September 2022, all...more
10/19/2022
/ China ,
Compliance ,
Cross-Border ,
Cybersecurity ,
Data Security ,
International Data Transfers ,
New Guidance ,
Personal Data ,
Personal Information Protection Law (PIPL) ,
Registration Requirement ,
Security Risk Assessments
The transfer mechanisms drive home China’s focus on data localization, as the measures all set forth cumbersome procedures and requirements, including security assessments and required contractual considerations. Despite...more
The brief FTC note indicates the agency will look to combat poor security practices, protect against the misuse of personal information, and discrimination arising from algorithmic decision-making.
Last month, the...more
1/21/2022
/ Algorithms ,
Congressional Committees ,
Consent ,
Data Security ,
Federal Trade Commission (FTC) ,
Personal Data ,
Personal Information ,
Privacy Concerns ,
Proposed Rules ,
Rulemaking Process ,
Unfair or Deceptive Trade Practices
As drafted the new measures specify security assessment and contract requirements but leave ample room for Chinese authorities to heavily restrict cross-border data transfers.
At the end of October, China’s top privacy...more
The updated rule also includes new exemptions, expands the definition of “financial institution,” and creates new accountability requirements.
On October 27th the Federal Trade Commission (“FTC”) adopted and published...more
11/11/2021
/ Customer Information ,
Cybersecurity ,
Data Security ,
Equifax ,
Exemptions ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Financial Services Industry ,
Gramm-Leach-Blilely Act ,
Personally Identifiable Information ,
Regulatory Requirements ,
Safeguards Rule