Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
What is the CCF?
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
A Less is More Strategy for Data Risk Mitigation
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
Compliance Tip of the Day: AI for Whistleblower Anonymity
Why Privacy Matters to Your Business and What's in Store for 2025
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 223: Cybersecurity and Privacy Risks with Healthcare Vendors with Brandon Robinson of Maynard Nexsen
Welcome to the “Data Privacy and Cybersecurity” chapter of our annual report, Consumer Financial Services: 2024 Year in Review. Consumer financial services regulators are taking a keen interest in artificial intelligence...more
Financial firms doing business in New York should be mindful of a recent e-blast sent by the state’s financial regulator concerning cybersecurity requirements that become effective in less than two months. The New York...more
The New York State Department of Financial Services recently announced that it has entered into a consent order with PayPal, Inc. for violations of the NYDFS Cybersecurity Regulation. The consent order, under which PayPal has...more
Keypoint: New York has amended its data breach notification law twice in the last 60 days to (1) add a 30-day deadline for notifying affected residents, (2) clarify that covered financial entities must still notify the New...more
On February 14, the Governor of New York signed into law SB 804 (the “Act”), which amends the general business law concerning when and how notifications for data breaches are provided to the New York Department of Financial...more
On December 24, New York Gov. Kathy Hochul (D) signed into law an amendment to section 899-aa of the N.Y. General Business Law, also known as The Shield Act, modifying the law’s data breach notification requirements....more
On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more
On January 23, 2025, the New York Department of Financial Services (DFS) announced that it reached a $2,000,000 settlement as part of a broader consent order with a peer-to-peer payment platform (“P2P”) about its...more
In December 2024, New York Governor Kathy Hochul signed into law two bills (A8872A and S2376B; collectively, the “Bills”) that amend New York’s Data Breach Notification Law. The Bills introduce a maximum thirty-day timeframe...more
On December 21, 2024, New York Gov. Kathy Hochul signed into law S2659-B/A8872-A, which, effective immediately, changed timing requirements for notice under New York’s data breach notification law and expanded the list of...more
In late December 2024, the New York Governor signed two bills (S2659B and S2376B) amending the state’s data breach notification law (N.Y. Gen. Bus. Law § 899-aa), to expand the definition of reportable personal information...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
Selected U.S. Privacy and Cyber Updates - NYDFS Releases Circular Letter on Use of AI in Insurance Underwriting and Pricing - On January 17, 2024, the New York State Department of Financial Services (NYDFS) issued a proposed...more
The New York State Department of Financial Services (“NYDFS”), which regulates financial services institutions including banks, insurance companies, and mortgage brokers, finalized an amendment to its Cybersecurity Regulation...more
The New York and Pennsylvania AGs settlement with Herff Jones from late last year provides guidance to businesses about expected security measures as we enter into 2023. The case arose after Herff Jones, producer and seller...more
In 2022, the stakes for data breaches grew in more ways than one. IBM reported the average cost of a data breach is up to $4.35 million. More importantly, though, regulators have zeroed in on higher-level executives and...more
Selected Developments in U.S. Law - SEC Proposed Rule Will Require Private Funds to Report Certain Cyber Events On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund...more
CYBERSECURITY - Eversource Energy Notifies Customers of Data Breach - Eversource Energy, which is the largest energy supplier in New England with 4.3 million customers in Connecticut, Massachusetts, and New...more
CYBERSECURITY - NSA Issues New Warning About Four Critical Patches to Microsoft Exchange Servers - The National Security Agency (NSA) recently issued a warning to private industry about four zero-day vulnerabilities in...more
In this month's edition, we examine the Court of Justice of the European Union's decision invalidating the EU-U.S. Privacy Shield framework, as well as the U.S. government's response to the decision. We also examine two...more
Following promises of increased enforcement, on July 22, 2020, the New York Department of Financial Services (NYDFS) announced the first cybersecurity enforcement action pursuant to its Cybersecurity Regulation, which...more
On July 21, 2020, the New York State Department of Financial Services (NYDFS) filed charges against First American Title Insurance Company (First American) for breach of state cybersecurity regulations. Specifically, NYDFS...more
Department of Homeland Security Warns of Cyber-Attacks by Iran - The Department of Homeland Security (DHS) issued a grave warning to U.S. businesses and critical infrastructure operators on January 6, 2020, alerting the...more
Three states recently enacted variations of the National Association of Insurance Commissioner’s (NAIC) Insurance Data Security Model Law (MDL-668), based on the landmark cybersecurity requirements issued by the New York...more