When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
Texas will soon be the next state to have a comprehensive consumer data privacy and security law when the Texas Data Privacy and Security Act takes effect on July 1. It will require businesses to take several compliance...more
Readers of this blog are well aware of the recent surge in data privacy litigation. In February 2024, Atlas Data Privacy Corporation (“Atlas Data”), a consumer data protection company, filed over 100 lawsuits in the State of...more
If someone accessed your business’s computer systems without your authorization, did you suffer a data breach under Colorado law? Answering this question correctly is critical, because getting it wrong can expose you to...more
California Governor Gavin Newsom on September 29 signed into law Assembly Bill 1281, which ensures that the California Consumer Privacy Act (CCPA) limited exemptions for employment-related and business-to-business (B2B) data...more
On July 21, 2020, the New York Department of Financial Services (DFS) filed a “Statement of Charges and Notice of Hearing” (the “Charges”) against First American Title Insurance Company (the “Company”) alleging violations of...more
New and comprehensive privacy and cyber regulations continue to proliferate across the globe. These are not your father’s data breach notification laws. The scope of information included within these mandates has expanded...more
Over the years, Congress has put forth various legislative proposals regarding data privacy. None of the past legislation received the support necessary to enable passage of a comprehensive national data privacy law. However,...more
United States Senator Jerry Moran (R. Kan.), Chairman of Commerce Subcommittee on Consumer Protection, has introduced legislation, Senate Bill 3456, to establish a national standard for protecting consumer data and personal...more
On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more
Reflecting the movement to toughen data security laws on a state-by-state basis, on July 25, 2019, Governor Cuomo signed into law the Stop Hacks and Improve Electronic Data Security Act (the "SHIELD Act" or the "Act"). The...more
Purpose and Practicality - The HIPAA Security Rule was designed to protect the confidentiality, integrity, and availability of a patient’s protected health information (PHI) while allowing flexibility for each covered...more
The CCPA is an unprecedented privacy law that grants California residents sweeping rights concerning the collection and use of their information. Once the law becomes effective on January 1, 2020, covered businesses can...more
A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more
The California legislature unanimously approved and California Governor Jerry Brown signed into law the California Consumer Privacy Act of 2018 (CCPA) on June 28, 2018. The CCPA is arguably the most far-reaching data...more
The New York State Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) came into effect March 1, 2017...more
On May 29, 2018, Governor John Hickenlooper signed into law House Bill 18-1128 (the “Data Privacy Act”). The Data Privacy Act creates new standards for how businesses and governmental entities (i) protect the personal...more
On May 29, 2018 Governor Hickenlooper signed HB—1128 into law. Importantly, the Bill amends the State’s data breach notification law to require that affected Colorado residents be notified within 30 days of a data breach, and...more
On May 29, 2018, Colorado passed House Bill 18-1128, which requires "covered entities" to comply with new rules regarding the security and disposal of "personal identifying information" (PII). The new law also provides an...more
With more than double the number of required signatures well ahead of the verification deadline late this month, the citizen-initiated measure "The California Consumer Privacy Act of 2018" appears headed for the statewide...more
First in a two-part series. As we reported last week, New York Attorney General Eric T. Schneiderman has introduced a bill aimed at protecting New Yorkers from data breaches. The Stop Hacks and Improve Data Security Act or...more
August 28, 2017 marks the end of the initial 180-day grace period for compliance under the New York Department of Financial Services’ “first-in-the-nation” cybersecurity regulations (the “Rules”). The initial regulations...more
Effective March 1, 2017, the New York State Department of Financial Services promulgated regulations to help protect against cybercriminals and their efforts to exploit sensitive electronic data. These cybersecurity...more
The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more
The Department of Health and Human Services’ Office of Civil Rights (OCR) recently published a checklist to guide HIPAA-covered entities and business associates through an appropriate response to a ransomware or cybersecurity...more
As federal and state governments struggle to address future healthcare regulation, demand for healthcare that is cheaper, better and faster continues to surge. Every day, new healthcare apps are being developed to respond...more