AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
AI Talk With Juliana Neelbauer - Episode Three - Cybersecurity Insurance: Coverage Challenges and Changes
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
When direct-to-consumer genetic testing company 23andMe Holding Co. and its affiliates (together, “23andMe”) filed for chapter 11 bankruptcy on March 24, 2025, they possessed data from over 15 million customers. Specifically,...more
On May 25, 2024, Minnesota Governor Tim Walz signed the Minnesota Consumer Data Privacy Act (the "Act"), which takes effect on July 31, 2025, for most controllers and on July 31, 2029, for certain postsecondary educational...more
On April 4, 2024, Kentucky Governor Andy Beshear signed the Kentucky Consumer Data Protection Act (the "KCDPA" or "Act"), which takes effect January 1, 2026. The KCDPA maps in large part to the Virginia Consumer Data...more
On May 17, 2024, Virginia Governor Glenn Youngkin signed SB 361/HB 707 amending the Virginia Consumer Data Protection Act ("VCDPA") to provide heightened protections to consumers under 18 years of age, not just those under...more
As states take pioneering steps towards AI legislation, businesses face new compliance landscapes affecting their operation and strategic planning. California and Colorado are leading with distinct yet influential legislative...more
Maryland lawmakers recently passed comprehensive consumer privacy legislation that, in some ways, is stronger than laws seen in other states and even a key bill proposed by Congress. If Governor Wes Moore signs the Maryland...more
On April 2, 2024, the California Privacy Protection Agency's (CPPA) Enforcement Division issued its first enforcement advisory, titled "Applying Data Minimization to Consumer Requests," to further emphasize the importance of...more
The Colorado Department of Law (“DoL”) has published a shortlist of potential universal opt-out mechanisms (“UOOMs”). Beginning on July 1, 2024, companies will be required to allow consumers to opt out of the sale of their...more
Oregon recently joined Vermont and California as the third state requiring data broker registration before collecting, selling, or licensing “brokered personal data.” Several types of entities are exempt from the law. These...more
Congress has repeatedly failed to pass comprehensive national data protection legislation, and the states are rapidly filling the void with laws that impose different requirements on a state-by-state basis. Most of these...more
On June 16, 2023, Nevada Governor Joe Lombardo signed SB 370 into law. This new law is a consumer health data bill that is similar in many ways to Washington’s My Health My Data Act (MHMDA). SB 370, like most provisions of...more
To date, US non-profit organizations have enjoyed an exemption from the state omnibus privacy laws. That’s about to change. Unlike the California Privacy Rights Act (CPRA), the Virginia Consumer Data Protection Act (VCDPA),...more
The Florida Digital Bill of Rights (FDBR) was signed into law by Governor Ron DeSantis on June 6, 2023, making Florida the tenth state to enact a consumer data privacy law along with California, Virginia, Colorado,...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
On April 21, Tennessee lawmakers approved and sent to Governor Bill Lee for signature, the Tennessee Information Protection Act (TIPA), one of nine different state consumer privacy laws that are generally considered to be...more
On April 17, the Washington legislature passed the My Health My Data Act (MHMD Act), which includes some of the most restrictive provisions in any U.S. state privacy law....more
Editor’s Note: On September 29, 2022, HaystackID shared an educational webcast on the topic of US privacy law. As privacy continues to move to the forefront of not only information consideration but of business concern for...more
Keypoint: Organizations subject to these laws will need to determine whether they are engaging in “sales,” which can be a complex and multifaceted analysis given the statutes’ varying definitions and exemptions....more
This is the second in a series of articles about the implications of the California Privacy Rights Act for employers. - The California Privacy Rights Act (“CPRA”), which goes into effect on January 1, 2023, grants six new...more
On January 28, 2021, privacy professionals around the world will celebrate Data Privacy Day. This year, we decided to mark the occasion by gathering our team’s thoughts and expectations on what we expect to be the biggest...more
CYBERSECURITY - The GEO Group Hit with Ransomware Attack - The GEO Group, Inc. (GEO), a publicly-held company located in Boca Raton, Florida, announced on November 3, 2020, that it is beginning to notify individuals...more