News & Analysis as of May 7, 2025

Privacy Laws

+ Follow

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now. less -

‘Security! Security!’ HHS Proposes Updates to HIPAA’s Security Rule

Dickinson Wright on 2/27/2025

Can you remember healthcare security 20+ years ago? It seems like a different world from now. Believe it or not, the HIPAA Security Rule has barely changed since it was first enacted in 2003 and has been long overdue for a...more

Top AI Risks General Counsels Should Address

Lowenstein Sandler LLP on 2/19/2025

Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more

Resolutions for Healthcare Providers: Part 1 of 2 – Cybersecurity, Privacy and HIPAA Compliance

Bodman on 2/4/2025

As the new year begins, it is useful to review your practice’s processes and policies to ensure that the practice operates with efficiency and remains compliant with ever-changing healthcare regulations....more

CPPA Opens Public Comment Period for Proposed AI Regulations

Akin Gump Strauss Hauer & Feld LLP on 1/13/2025

The California Privacy Protection Agency (CPPA) announced the formal public comment period for its latest proposed rulemaking package, which includes updates to existing regulations and introduces new guidelines for automated...more

Fasten Your Seatbelts: CPPA Proposes Rules on Automated Decision-Making and Cybersecurity Audits and Finalizes Data Broker...

Perkins Coie on 11/27/2024

After much anticipation, on November 8, the California Privacy Protection Agency (CPPA) Board voted to advance proposed regulations for insurance, cybersecurity audits, risk assessments, and automated decision-making...more

[Event] Healthcare Privacy Compliance Academy - January 27th - 30th, Orlando, FL

Health Care Compliance Association (HCCA) on 11/20/2024

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

UK Online Safety Act: A Look Ahead

Perkins Coie on 10/29/2024

Ofcom, the U.K. Online Safety Act (the Act) regulator, released an updated roadmap on the timing of obligations for covered services on October 17, 2024. The Act was passed in October 2023 and introduces new legal obligations...more

Navigating the Fallout: Essential Insights for Healthcare Companies in Light of the Change Healthcare Cyber Breach

Ankura on 10/7/2024

The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more

Cybersecurity for Lawyers: The NIST Cybersecurity Framework as a Tool and Reference

Perkins Coie on 9/26/2024

In this post in our series on basic cybersecurity concepts for lawyers (see here and here for prior posts), we delve into the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0, which is a...more

AI Safety: The Role of the Board in Assessing and Managing AI Risk

Skadden, Arps, Slate, Meagher & Flom LLP on 9/4/2024

As AI systems become more complex, companies are increasingly exposed to reputational, financial and legal risk from developing and deploying AI systems that do not function as intended or that yield problematic outcomes. The...more

Nuanced Privacy Laws Means Healthcare Organizations Should Prioritize Protecting Personal Information

Jackson Lewis P.C. on 4/29/2024

The healthcare industry is among the most highly regulated industries when it comes to privacy protections. In addition to the federal Health Insurance Portability and Accountability Act (HIPAA), healthcare providers also...more

Further Updates to the CPPA Proposed Regulations: Risk Assessments and Automated Decisionmaking Technology

Mintz - Privacy & Cybersecurity Viewpoints on 3/26/2024

After years of internal discussion, the Board of the California Privacy Protection Agency (CPPA), at their March 8th meeting, voted to progress toward formalizing the proposed regulations on risk assessments and automated...more

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Health Care Compliance Association (HCCA) on 3/13/2024

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

Cybersecurity Experts Urge Responsible AI Adoption, Not Overreliance

HaystackID on 10/25/2023

Editor’s Note: This article covers valuable insights on artificial intelligence’s (AI) evolving role in cybersecurity and incident response shared during an expert panel discussion. As cybersecurity, information governance,...more

11 Years After First Disclosure, L.A. Care Pays $1.3M, Says ‘Processing Errors’ Caused Breaches

Health Care Compliance Association (HCCA) on 10/6/2023

Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more

Privacy & Cybersecurity Update - September 2023

Skadden, Arps, Slate, Meagher & Flom LLP on 10/3/2023

In this month’s Privacy & Cybersecurity Update, we examine Delaware’s new comprehensive data privacy law, a joint statement by 12 data protection authorities on data scraping and data protection, a district court ruling on a...more

SEC Gives Finality on Cybersecurity Disclosures for Public Companies

Sheppard Mullin Richter & Hampton LLP on 9/28/2023

The SEC has now finalized its much anticipated rules for public companies’ cybersecurity disclosures. The final rules, published this month, require disclosure of certain cybersecurity incidents much sooner than under many...more

What Do the CPPA’s Draft Regulations on Risk Assessments and Cybersecurity Audits Mean for Companies?

Sheppard Mullin Richter & Hampton LLP on 9/15/2023

The CPPA, the California regulatory body charged with enforcing CCPA, has now issued draft regulations on risk assessments and cybersecurity audits. The draft was released ahead of a public board meeting to discuss those...more

California Reveals Draft Regulations Requiring Onerous Cybersecurity Audits and Privacy Risk Assessments

McDermott Will & Emery on 9/5/2023

On August 28, 2023, the California Privacy Protection Agency (CPPA) released discussion drafts of regulations on cybersecurity audits and privacy risk assessments in advance of the CPPA’s meeting on September 8, 2023. ...more

Draft Cybersecurity Audit and Risk Assessment Regulations Issued by CPPA

Mintz - Privacy & Cybersecurity Viewpoints on 8/30/2023

The California Privacy Protection Agency (CPPA) has released its agenda for the September 8 board meeting, which includes (among other topics) presentation of a draft Cybersecurity Audit Regulation and a draft Risk Assessment...more

California Regulator Previews Intentions for Cybersecurity, Privacy, and Automated Decisionmaking Regulations

Davis Wright Tremaine LLP on 8/18/2023

The CPPA kicked off a first round of rulemaking in May 2022 and finalized that set of rules in March of this year. At the latest California Privacy Protection Agency (CPPA) meeting, the CPRA Rules Subcommittee (Rules...more

Develop a Process to Create Privacy Impact Assessments Under the Attorney-Client Privilege

ArentFox Schiff on 5/22/2023

Data protection assessments are required for high-risk processing activities in a rapidly growing set of federal, state, and international comprehensive privacy laws. These assessments are triggered by processing activities,...more

[Event] Healthcare Privacy Compliance Academy - May 8th - 11th, Chicago, IL

Health Care Compliance Association (HCCA) on 3/8/2023

Healthcare Privacy Compliance Academy Overview - Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper...more

[Event] Basic Compliance & Ethics Academy - May 8th - 11th, Chicago, IL

Society of Corporate Compliance and Ethics... on 1/20/2023

Ideal for practitioners who have some compliance knowledge and are ready for a deeper dive, SCCE’s Basic Compliance & Ethics Academy provides comprehensive, classroom-style training in the essentials of managing a compliance...more

Privacy & Cybersecurity Update - December 2022

Skadden, Arps, Slate, Meagher & Flom LLP on 1/3/2023

In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more

55 Results

View per page

Page: of 3

Cybersecurity › Risk Assessment › Privacy Laws

"My best business intelligence, in one easy email…"