The Consumer Finance Protection Bureau (CFPB) on Oct. 19, 2023, proposed a new Personal Financial Data Rights rule (Proposal) through which it seeks to increase competition in the financial sector. The Proposal was developed...more
11/28/2023
/ Aggregation Rules ,
Comment Period ,
Competition ,
Consumer Financial Protection Act (CFPA) ,
Consumer Financial Protection Bureau (CFPB) ,
Data Security ,
Data Subject Access Requests ,
Financial Services Industry ,
Open Banking ,
Personal Data ,
Portability ,
Proposed Rules ,
Sensitive Personal Information
Holland & Knight invites you to read our China Practice Newsletter, in which our authors discuss pertinent Sino-American topics.
...more
The New York Department of Financial Services (NYDFS) on Nov. 9, 2022, released Proposed Amendments to its Cybersecurity Regulation. The NYDFS Cybersecurity Regulation was one of the first laws requiring companies to comply...more
11/17/2022
/ Audits ,
Chief Information Security Officer (CISO) ,
Compliance ,
Corporate Governance ,
Cybersecurity ,
Enforcement Actions ,
Financial Institutions ,
Financial Services Industry ,
Internal Controls ,
NYDFS ,
Personal Liability ,
Popular ,
Proposed Amendments ,
Reporting Requirements ,
Risk Assessment ,
Risk Management ,
Security Risk Assessments ,
Sensitive Personal Information
New York Gov. Kathy Hochul signed Senate Bill (SB) S2628 into law on Nov. 8, 2021. The law, which takes effect on May 7, 2022, requires every private-sector employer to provide notice of its electronic monitoring practices to...more
An amendment to the Health Information Technology for Economic and Clinical Health (HITECH) Act was signed into law on Jan. 5, 2021, directing U.S. Health and Human Services (HHS) to consider "recognized security practices"...more
8/31/2021
/ Compliance ,
Covered Entities ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Industry Cybersecurity Practices (HICP) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HITECH Act ,
Incident Response Plans ,
New Legislation ,
NIST ,
PHI
New York City has set its sights on biometric data protection this summer, passing two laws regulating the use of biometric information within the same month. The New York City Council amended its administrative code on July...more
8/19/2021
/ Biometric Information ,
Biometric Information Privacy Act ,
Commercial Tenants ,
Data Collection ,
Data Privacy ,
Local Ordinance ,
Notice Requirements ,
Private Right of Action ,
Smart Devices ,
Statutory Damages ,
Tenants
Standard contractual clauses (SCCs) are a contract addendum with provisions governing the handling of personal information. The express language of the SCCs has been preapproved by the European Commission (Commission) to be...more
6/21/2021
/ Data Controller ,
Data Processors ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
The California Consumer Privacy Act (CCPA or Act) went into effect on Jan. 1, 2020. A first-of-its-kind law in the United States, the CCPA grants California residents expansive rights over businesses' collection, use and...more
7/24/2020
/ Breach of Contract ,
California Consumer Privacy Act (CCPA) ,
Class Action ,
CLRA ,
Consumer Privacy Rights ,
Data Breach ,
Enforcement Authority ,
Negligence ,
Notice Requirements ,
Regulatory Violations ,
State Attorneys General ,
Unfair Competition Law (UCL)
• The signing of the California Consumer Privacy Act (CCPA) into law in June 2018 imposed significant new privacy obligations on businesses that have personal information about California residents and set off a burst of...more
7/10/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Consumer Protection Laws ,
Cybersecurity ,
Data Protection ,
Data Security ,
Fiduciary Duty ,
Governor Cuomo ,
Legislative Agendas ,
Personal Data ,
Popular ,
SHIELD Act ,
State Data Breach Notification Statutes