As of April 1, 2025, all merchants and third-party service providers (TPSPs) involved in processing credit or debit card payments must fully adhere to the enhanced security requirements outlined in the Payment Card Industry...more
Following our recent client alert, learn more about PCI DSS 4.0 coming into effect and its impact on organizations in 2025. Mark Schreiber, Brian Long, and Sam Genovese share further insights from working with clients on...more
The act of predicting what will become the dominating storyline of data privacy and cybersecurity in 2025 is a hazardous enterprise, as one is almost surely to get something wrong. Without fail, every year, regulators and the...more
1/6/2025
/ Artificial Intelligence ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Digital Operational Resilience Act (DORA) ,
Enforcement Actions ,
EU ,
Machine Learning ,
PCI-DSS Standard ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws ,
Technology Sector ,
Web Tracking ,
Websites
Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of Mazars for the next installment in our PCI DSS 4.0 series. PCI DSS 4.0 brings major changes to payments with an increased focus on...more
5/26/2023
/ Continuing Legal Education ,
Credit Cards ,
Cybersecurity ,
Data Security ,
Debit and Credit Card Transactions ,
Information Security ,
Payment Processors ,
Popular ,
Risk Assessment ,
Risk Management ,
Sensitive Personal Information ,
Third-Party Risk ,
Third-Party Service Provider ,
Webinars
Last year, the Payment Card Industry Security Standards Council released version 4.0 of its Data Security Standard (PCI DSS 4.0). The new version, which brings major changes to the payments ecosystem and compliance...more
On March 31, 2022, the Payment Card Industry Security Standards Council released version 4.0 of its Data Security Standard (PCI DSS 4.0). The new version—which brings major changes to the payments ecosystem—places an...more
As highlighted in our December 10, 2021, article, the Apache Log4j vulnerability is garnering significant attention throughout the public and private sectors. There are reportedly upwards of 100 million devices and servers...more
Complementing the patchwork of state data breach notification laws, a number of federal agencies recently have promulgated sector-specific reporting rules affecting a variety of companies, both directly and indirectly, with...more
12/10/2021
/ Biden Administration ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Executive Orders ,
Personally Identifiable Information ,
Popular ,
Reporting Requirements ,
Risk Management
Amid the Coronavirus (COVID-19) pandemic, more people than ever before are working remotely from their homes—raising new cyber risks for businesses. Here are six ways that you can protect your employees and your...more
As the globe grapples with increasing challenges to sustaining “business as usual” in their enterprises, our team of Employment, Employee Benefits, Health and Privacy & Cybersecurity lawyers invite you to join us for...more
3/17/2020
/ Anti-Discrimination Policies ,
Anti-Harassment Policies ,
Anti-Retaliation Provisions ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Privacy ,
Data Security ,
Data-Sharing ,
Employee Benefits ,
Employment Policies ,
Health and Safety ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Savings Accounts ,
Infectious Diseases ,
Paid Time Off (PTO) ,
Personal Data ,
Public Health ,
Quarantine ,
Remote Working ,
Risk Mitigation ,
Sick Leave ,
Webinars ,
Workplace Safety
For companies seeking to use, license, or otherwise commercialize health data, there are potential inconsistencies among the HIPAA de-identification standard, the CCPA definition of de-identified data, and GDPR requirements...more
2/26/2020
/ Business Associates ,
California Consumer Privacy Act (CCPA) ,
Covered Entities ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Use Policies ,
De-Identified Protected Health Information ,
Electronic Protected Health Information (ePHI) ,
General Data Protection Regulation (GDPR) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
PHI ,
Webinars
Now that CCPA has taken effect, how have California consumers, regulators and plaintiffs’ class action lawyers responded to the new law? We’ll review early developments in the California consumer privacy landscape, address...more
1/23/2020
/ California Consumer Privacy Act (CCPA) ,
Class Action ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Mitigation ,
Webinars
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
1/16/2020
/ Automation Systems ,
Best Practices ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consent ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Data Subjects Rights ,
Discovery ,
Events ,
Information Security ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Assessment ,
Vendor Contacts ,
Vendors
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
1/14/2020
/ Automation Systems ,
Best Practices ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consent ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Data Subjects Rights ,
Discovery ,
Events ,
Information Security ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Assessment ,
Vendor Contacts ,
Vendors
California has taken bold steps to regulate the privacy and security of personal information, creating unprecedented remedies for data breaches and recognized European-style rights for consumers in their data.
On September...more
8/9/2019
/ Big Data ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Emerging Technology Companies ,
Events ,
Information Technology ,
Popular ,
Risk Management ,
Security Risk Assessments ,
State Data Privacy Laws
New cybersecurity regulations issued by the NYDFS define the nonpublic information they regulate in exceptionally broad terms. This expanded definition of Nonpublic Information will create major challenges for regulated...more