The long-awaited amendments to the California Consumer Privacy Act of 2018 (CCPA) have finally become law. On October 11, 2019—two days before the October 13 deadline—California Governor Gavin Newsom announced that he signed...more
On October 10, 2019, the California Office of the Attorney General (“AG”) published the long-awaited proposed text of the California Consumer Privacy Act Regulations (the “Proposed Regs”). The Proposed Regs provide guidance...more
10/17/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Proposed Regulation ,
Right to Delete
On September 13, 2019, the California State Legislature passed several amendments to the California Consumer Protection Act (“CCPA”), which was originally passed in 2018 as a flawed and widely-criticized piece of legislation....more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees in...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers and are (or are jointly with...more
On August 2, 2019, New Hampshire became the most recent of many states that adopted an Insurance Data Security Law (Senate Bill 194-FN) modeled after the National Association of Insurance Commissioners’ (NAIC) Insurance Data...more
To date, six states from Michigan to Alabama have adopted versions of the National Association of Insurance Commissioner’s model insurance data security law (the “NAIC model”). The NAIC model generally requires entities...more
On January 10, 2019, Massachusetts Governor Charlie Baker signed House Bill No. 4806 into law. The bill amends certain provisions of the state data breach notification law, increasing reporting requirements on a person or...more
On January 10, 2019, Massachusetts Governor Baker signed “An Act relative to consumer protection from security breaches” (House Bill No. 4806), which added new requirements and obligations for companies that experience a data...more
Locke Lord’s Insurance & Reinsurance Newsletter provides topical snapshots of recent developments in the fast-changing world of insurance. For further information on any of the subjects covered in the newsletter, please...more
As reported on Locke Lord’s InsureReinsure blog, the NAIC adopted a model law for the protection of the data and systems used by the insurance industry, and South Carolina became the first state to enact legislation based on...more
As reported, the NAIC adopted a model law for the protection of the data and systems used by the insurance industry, and South Carolina became the first state to enact legislation based on the NAIC model. In doing so,...more
The NAIC adopted an Insurance Data Security Model Law.
On May 3, 2018, the South Carolina Governor made South Carolina the first state in the nation to adopt a comprehensive cybersecurity statute for the insurance industry,...more
Early this month, the NAIC Cybersecurity (EX) Task Force released a preliminary working and discussion draft of an Insurance Data Security Model Law. While praise worthy in its effort to provide uniformity for data security...more
Rhode Island recently amended its 10-year-old Identity Theft Protection Act effective June 26, 2016, further defining and refining existing data security and breach notification requirements, and adding a requirement to...more
Nevada and Connecticut recently enacted amendments to breach notification and data security requirements that are relatively unique among existing state laws, thus imposing new compliance obligations upon companies doing...more