Latest Posts › Popular

Share:

New State Health Privacy Laws—Moving Beyond HIPAA and Recasting Consumer Health Data Rights?

New, first-of-their-kind consumer health data privacy laws in Washington and Nevada are designed to provide state-level protections for personal health data not covered by the Health Insurance Portability and Accountability...more

NIST Extends its Cybersecurity Framework to Cover Evolving Threats and Governance

The National Institute of Standards and Technology ("NIST") released a significant update to its framework, expanding its scope and reach to cover a broader audience and evolving cybersecurity risks and management issues....more

HHS Releases Cybersecurity Performance Goals to Enhance Cybersecurity for Health Care and Public Health Sectors

The Department of Health and Human Services ("HHS") has released voluntary cybersecurity performance goals for the health care and public health sectors, which outline an increasingly standardized regulatory approach and...more

HHS Announces Upcoming Federal Strategies to Enhance Cybersecurity for Health Care and Public Health Sectors

The Department of Health and Human Services ("HHS") has released a concept paper outlining its new cybersecurity strategies for the health care sector, identifying cybersecurity priorities, potential future regulations and...more

New York Governor Proposes Stringent Cybersecurity Regulations for Hospitals

New York is the first state to propose cybersecurity requirements for all hospitals operating in the state to address patient safety and other cybersecurity related issues....more

NYDFS Expands Cybersecurity Regulations: Extortion Payment Reporting, Corporate Governance, and Technical Requirements

A major amendment to the New York State Department of Financial Services' cybersecurity regulations establishes affirmative cybersecurity oversight duties and requires companies to report extortion payments to the agency....more

FTC Requires Non-Bank Financial Institutions to Report Data Security Breaches Under Amended Safeguards Rule

On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more

The Consumer Financial Protection Bureau Announces Sweeping Rulemaking for Companies That Collect and Furnish Personal Data

On August 15, 2023, the Consumer Financial Protection Bureau ("CFPB") announced it was launching a rulemaking aimed at subjecting any company or entity that collects and sells consumer data to the Fair Credit Reporting Act...more

Oregon Becomes 11th State to Enact a Comprehensive Data Privacy Law

On July 18, 2023, Oregon Governor Tina Kotek signed Senate Bill 619, referred to as the "Oregon Consumer Privacy Act" ("OCPA" or "the Act"), making Oregon the 11th state to enact a comprehensive data privacy law....more

Generative AI End-User License Agreements: What Users Need to Know

In Short - The Background: The prevalence of generative artificial intelligence ("GenAI") is rapidly expanding, providing vast opportunities for efficiency and innovation, while also creating new risks....more

SEC Advances Three Cybersecurity Rule Proposals to Public Comment

If adopted, these proposed rules would (i) enhance protection of customer information under Regulation S-P, (ii) add new requirements addressing cybersecurity risk to the U.S. securities markets, and (iii) expand the types of...more

SEC Fines Company $3 Million for Allegedly Misleading Cyberattack Disclosures

Asserting that the company misstated the scope of data stolen in the cyberattack, the SEC provides a clear reminder that cybersecurity disclosures remain an agency priority....more

Vital Signs Digital Health Law Update | Winter 2023

Note From the Editors - We bring you Vital Signs, a curated, one-stop resource on the most notable digital health law updates from our U.S. and global contributors. In Industry Insights, our lawyers take an in-depth look at...more

Australian Government Serious About Data Privacy: Substantial Increases in Fines and Enhanced Regulatory Powers

In Short - The Situation: Following a number of high-profile cyber incidents resulting in significant data breaches, the Australian Government has doubled down on its efforts to strengthen privacy laws and cybersecurity...more

Rising Global Regulation for Artificial Intelligence

Across multiple continents and industries, artificial intelligence ("AI") is a topic of intense focus by governments, research institutions, investors, and corporations—from start-ups to well-established industry players. As...more

European Commission Proposes Legislation Imposing New Cybersecurity Requirements on Digital Products

On September 15, 2022, the European Commission ("EU") published a proposal for a Cyber Resilience Act, the first EU-wide legislation introducing a single set of cybersecurity rules for hardware and software products placed in...more

President Biden Signs Cyber Incident Reporting for Critical Infrastructure Act

On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the "Act"), creating new requirements for organizations operating in critical infrastructure sectors to...more

Department of Commerce Seeks Comment on Regulation of IaaS Providers

Regulations will mandate more robust customer identity verification procedures and special measures to combat malicious cyber activities. On September 24, 2021, the Department of Commerce ("Commerce") published an Advance...more

Connecticut Expands Data Breach Notification Requirements and Establishes a Cybersecurity "Safe Harbor"

Connecticut has become the third state to enact a cybersecurity safe harbor statute. On June 16 and July 6, 2021, Connecticut Governor Ned Lamont signed two new cybersecurity laws that continue the national trend of...more

Fintech: Proposed Banking Cyber-Incident Notification Rules Could Apply to You, Too

The Situation: As we advised in our recent Commentary, federal banking regulators have proposed rules requiring a banking organization to provide its primary federal regulator with prompt notification of any...more

Jones Day Global Privacy & Cybersecurity Update | Vol. 27

United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more

California Voters Adopt the California Privacy Rights Act

The Situation: Less than one year after the California Consumer Privacy Act ("CCPA") became effective, California voters approved the California Privacy Rights Act ("CPRA"), a consumer privacy ballot initiative that amends...more

Managing Cybersecurity and Data Privacy Concerns During the COVID-19 Pandemic

The Situation: The global spread of the novel coronavirus (COVID-19) has prompted the workforce to migrate from the office to remote-working environments and businesses to adopt new data collection, use, and disclosure...more

China Cybersecurity Law Continues to Bring Enforcement Crackdown

The Situation: In the two years since China enacted the Cybersecurity Law, which granted authorities broad powers to monitor and investigate activities falling under its purview, authorities have increasingly penalized...more

45 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide