Medical Device Legal News with Sam Bernstein: Episode 10
Drafting Consumer Breach Notices — From a Litigation Perspective - Unauthorized Access Podcast
IP|Trend: Dust up After the Breach
Hot Topics Roundtable for Fund Managers - Cybersecurity, Valuation, and More
On December 21, 2024, while many Americans were busy signing holiday cards and exchanging gifts, New York Governor Kathy Hochul was signing six significant pieces of legislation aimed at enhancing online safety and...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
On June 28, 2024, Governor Josh Shapiro of Pennsylvania approved several notable amendments to the Commonwealth’s data breach notification law (SB 824). In summary, the revised statute: adds a regulator notification...more
Are you responsible for privacy compliance at your company? This alert summarizes key takeaways from Paul Rothermel's recent presentation 10 Things You Should Know About Privacy, Consent, and HIPAA...more
Whether the game is football, baseball, hockey, or Indy Car racing, no team goes into their major championship matchup without training. Companies need to train as well if they intend to operate on the internet and expect to...more
On October 27, 2023, the Federal Trade Commission (FTC) unanimously approved an amendment to the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule to require certain covered financial institutions to report a broad range of data...more
The Federal Trade Commission (FTC) has approved an amendment to its Safeguards Rule that will require non-banking financial institutions to report certain data breaches (or “notification events”) to the FTC (not affected...more
This year, Indiana joined several other states to pass a comprehensive consumer privacy law, that becomes operative on January 1, 2026. Like other consumer privacy laws, Indiana’s law requires businesses to establish...more
Most human resources professionals are concerned about the privacy and security of the vast amounts of personal information they manage. This article discusses steps to consider taking against the challenges. Deluge of...more
With the first wave of amendments to Québec’s personal information protection legislation (“Law 25”) taking effect on September 22, 2022, we thought we would share the top 5 misconceptions we have encountered when discussing...more
June 9th marked the deadline for financial institutions, including certain non-banking institutions that collect or maintain sensitive customer information (e.g., car dealerships), to implement a comprehensive information...more
Privacy Briefs: June 2023 - Long-term care pharmacy network PharMerica disclosed a breach involving more than 5.8 million patients, making it the largest breach reported to the HHS Office for Civil Rights (OCR) in the last...more
On Thursday, May 19, 2023, the Federal Trade Commission (FTC) issued a notice of proposed rulemaking and a request for public comment on proposed changes to the Health Breach Notification Rule (HBNR or, the Rule) that would...more
As we wrote in November, Pennsylvania amended its data breach notification laws last year, and those changes go into effect tomorrow (May 2, 2023). Beginning tomorrow, if a breach of username/email accounts and their...more
The Federal Trade Commission (FTC) continues to prioritize the protection of consumers’ digital health information. The agency has demonstrated this commitment through enforcement actions against GoodRx and BetterHelp for...more
Just ahead of the expected April release of the final SEC cybersecurity regulations, the SEC has fined Blackbaud, a donor data management platform used widely by nonprofits, $3 million dollars for "misleading disclosures" in...more
For the second time in as many months, the Federal Trade Commission (FTC) last week announced a settlement alleging that a company’s the use and disclosure of consumers’ health information for online advertising violated the...more
In a groundbreaking decision, the Federal Trade Commission (FTC) announced it was diagnosing GoodRx’s use of tracking pixel codes and analytics, its digital strategy, as not only an unfair or deceptive act or abusive practice...more
On January 1, 2023, Virginia’s Consumer Data Protection Act (CPDA) takes effect. Key features of the CPDA include expansive consumer privacy rights (right to access, right of rectification, right to delete, right to opt-out,...more
The FTC recently took action against the online alcohol marketplace company Drizly and its CEO for alleged security failures. The case arose from a 2018 data breach which was caused – according to the FTC – by poor security...more
While the federal government attempts to move forward with a more uniform national law, Connecticut joined California, Colorado, Utah, and Virginia in passing a comprehensive consumer privacy law....more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Californians voted to enact the California Privacy Rights Act (“CPRA”) almost one year ago. Last week, Governor Gavin Newsom signed three new privacy bills into law....more
The Federal Trade Commission (FTC) recently issued a policy statement confirming that vendors of apps and other connected devices that collect personal health information, such as glucose levels, heart rate, or fertility or...more
On June 16, 2021, the Connecticut General Assembly adopted an expanded version of Connecticut’s data breach notification statute (2021 CT H.B. 5310 (NS)). Through this expansion, Connecticut’s data breach notification statute...more