Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed....more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
In the burgeoning realm of data incidents, it is a truism that such incidents are not created equal. Indeed, a data incident is not necessarily a data breach. Originally published in Reuters -August 24, 2023...more
INTRODUCTION - As more of our lives and work become digitized, an inherent overlap continues to grow between data privacy and cyber security programs. Think of two similarly sized circles: in the past, data privacy and cyber...more
The state of Virginia recently enacted a law banning local law enforcement and campus police departments from using facial recognition technology. Facial recognition technology is defined as an “electronic system for...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
CYBERSECURITY - Ransomware Incident Compromises Unemployment Claim Information of 1.6M in WA - It is being reported that the Office of the Washington State Auditor (SAO) is investigating a security incident, allegedly...more
The Wolcott school system in Wolcott, Connecticut has been recovering for four months from a ransomware attack that hit its system at the end of the school year. Last week, it was hit with a second attack. According to...more
Given the near ubiquitous coverage of proposed CCPA amendments, it may be hard to believe that any bill could fly under the radar, but that appears to be the case with AB 1035, which would amend the CCPA’s private right of...more
• The U.S. Department of Health and Human Services on Dec. 28, 2018, announced the release of the "Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients" that provides a "Call to Action" to make...more
• The Trump Administration recently announced plans to establish U.S. consumer privacy standards in response to a series of high-profile privacy breaches. • Two federal agencies – National Institute of Standards and...more
Last week, the National Institute of Standards and Technology (“NIST”) issued a document to spark discussion amongst stakeholders regarding improving security and privacy risk management for the Internet of Things (“IoT”)...more
New York Attorney General Announces Record Number of Data Breach Notices in 2016 - On March 21, 2017, the New York Attorney General's Office announced that it received 1,300 reported data breaches in 2016—a 60 percent...more
The US Senate Commerce Committee recently advanced a bill, titled the MAIN STREET Cybersecurity Act of 2017 (the Bill), under which the National Institute of Standards and Technology (NIST) would disseminate “clear and...more
De-identification of data refers to the process used to prevent personal identifiers from being connected with information. The FTC indicated in its 2012 report Protecting Consumer Privacy in an Era of Rapid Change:...more
Everyone in healthcare knows that the next round of HIPAA audits is coming. Covered entities and business associates have long been advised to review and update their HIPAA security risk analyses, have business associate...more
Records produced by the U.S. Department of Energy (“DOE”) to USA TODAY under a Freedom of Information Act request revealed over 150 successful cyber intrusions into DOE computer systems between 2010 and 2014. Concerns about...more
On August 24, 2015, the Third Circuit Court of Appeals issued a much-awaited decision in FTC v. Wyndham Worldwide Corporation, holding that the Federal Trade Commission (FTC) has authority to regulate “unfair” or “deceptive”...more
On July 22, the National Cybersecurity Center of Excellence (“NCCoE”), a U.S. government organization formed in 2012 within the National Institute of Standards and Technology (“NIST”), released a draft Cybersecurity Practice...more
In response to a growing demand for cybersecurity guidance in the health care industry, the National Institute of Standards and Technology (NIST), through its National Cybersecurity Center of Excellence, recently published a...more
The National Institute of Standards and Technology (NIST) cybersecurity center released a draft guide last week for health IT professionals to use to bolster security for the use of mobile devices in the health care industry....more