Rethinking Records Retention
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
On June 2, the New Jersey Division of Consumer Affairs (Division) published proposed regulations to implement the New Jersey Data Privacy Act (NJDPA). Of note, these rules were proposed months after the NJDPA went into effect...more
India’s Ministry of Electronics and Information Technology (MeitY) released in June 2025 a Business Requirement Document for Consent Management Under the DPDP Act, 2023 (BRD). The BRD, while not legally binding, provides...more
In February, a coalition of healthcare organizations sent a letter to President Donald J. Trump and the U.S. Department of Health and Human Services (HHS) (the Letter), urging the immediate rescission of a proposed update to...more
The FAR Council issued a proposed rule that would amend the several FAR provisions and add new clauses to provide guidance on the safe handling of CUI. Public comments on the proposed rule are being accepted until March 17,...more
On January 6, 2025, the Biden Administration issued a new proposed rule updating the HIPAA Security Standards ( “Proposed Rule”). The original HIPAA Security Standards were issued in 2003 and updated in 2013 and require that...more
The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
Join us for a new episode of Financial Services Focus with partner Eric Mitzenmacher and associate Kerri Webb, as they discuss the CFPB's recently proposed FCRA rulemaking, which, if finalized as proposed, would affect the...more
In the two weeks before Inauguration, both the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC) released a flurry of rulemaking developments, policy announcements, and enforcement filings and...more
On January 16, the California Privacy Protection Agency extended the public comment period for its proposed rulemaking package to February 19 due to wildfires affecting the state....more
On January 03, 2025, the government released the much awaited draft Digital Personal Data Protection Rules, 2025, (Draft Rules / Rules) for public consultation and invited stakeholder feedback by February 18, 2025 (access the...more
In early January, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking. The Proposed Rule would modify the Security Standards for the Protection of...more
The US Department of Health and Human Services (HHS) on January 6, 2025 issued a notice of proposed rulemaking (NPRM) seeking feedback on proposed updates to the Security Standards for the Protection of Electronic Protected...more
The U.S. Department of Health and Human Services Office for Civil Rights (HHS-OCR) has announced proposed modifications to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule (the Proposed Rule). The...more
The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare...more
On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more
§ 160.101 Statutory basis and purpose. The requirements of this subchapter implement sections 1171–1180 of the Social Security Act (the Act), sections 262 and 264 of Public Law 104–191, section 105 of Public Law 110–233,...more
For more than 20 years, the HIPAA Security Rule has been virtually unchanged other than extending its scope beyond covered entities to also include business associates. During that time, technology has changed, cybersecurity...more
With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more
The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more
Colorado continues to be active with regard to its comprehensive privacy law. September 25, 2024 kicked off the official public comment period on the proposed draft amendments to rules promulgated under the Colorado Privacy...more
The Department of Health and Human Services ("HHS") has released a concept paper outlining its new cybersecurity strategies for the health care sector, identifying cybersecurity priorities, potential future regulations and...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice....more
On Thursday, October 19, 2023, the Consumer Financial Protection Bureau (“CFPB”) released a proposed rule addressing “personal data financial rights”, as we reported last week that they would be doing later in October. The...more
On October 19, 2023, the Consumer Financial Protection Bureau (CFPB) announced its long-awaited proposed rule regulating “Personal Financial Data Rights” (the proposed rule). The proposed rule implements Section 1033 of the...more