The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
No Password Required: LIVE From Sunshine Cyber Con
The 2020 amendment to the Act on the Protection of Personal Information (“APPI”) stipulates that the APPI must be reviewed every three years — the time for a review has arrived. In the past, since its enactment in 2003, major...more
By now, many of us are using AI, advising others about how to use AI, and waiting for some legislative miracle to give us some guardrails for what we can or cannot be doing with AI. A lot of effort has been put into tracking...more
For global healthcare companies that process personal information in Japan and/or import personal information from Japan, there are new requirements that must be considered in preparing data transfer or processing agreements,...more
CYBERSECURITY - ECRI Names Cybersecurity Attacks as Top Health Technology Hazard for 2022 - ECRI has been publishing its annual report of health technology hazards for the past 15 years. According to ECRI’s Device...more
Recent developments in international privacy laws have complicated the conduct of clinical trials outside of the United States. Since the privacy law of the European Union – the General Data Protection Regulation or “GDPR” –...more
On 3 August 2021, Japan's Personal Information Protection Commission (“PPC”) published its long-awaited Guidelines on amendments enacted in 2020 (the “2020 amendments”) to Japan’s Act on the Protection of Personal Information...more
Global data privacy legislation has steadily advanced over the past several years, with one of the most comprehensive and well-known laws being the General Data Protection Regulation (GDPR), governing personal data...more
The Japanese government has released the effective dates of substantial amendments to the Japanese Act on the Protection of Personal Information (“APPI”). The revised Act will fully come into effect on 1 April 2022. ...more
On Tuesday, March 10, the Japanese Cabinet approved a bill to revise the Act on the Protection of Personal Information (“APPI”), which would require companies to take certain additional measures to protect personal data of...more
UNITED STATES - Regulatory—Policy, Best Practices, and Standards - Cybersecurity Standards Issued for Government Contractors - On January 31, the Office of the Under Secretary of Defense for Acquisition and...more
A constantly evolving framework of laws governing how multinational businesses can contact customers to how nonprofits report business income to how overtime is calculated and paid will influence how companies do business...more
The EU-Japan Economic Partnership Agreement between Japan and the European Union (“EU”) recently came into force, creating the world’s biggest open trading zone that covers 635 million people and almost one-third of the...more
Google Receives Record GDPR Fine - Marking the first major penalty against a U.S. tech company under the General Data Protection Regulation (GDPR), the French data-protection authority, CNIL, has fined Google a record $57...more
Key takeaways from the European Commission (EC) decision holding Japan as providing adequate protection to personal data: Japan ensures an adequate level of protection for personal data transferred from the EU Japan...more
As we previously reported the EU and Japan reached a tentative deal last summer to ease data transfer restrictions between them. That deal has now been approved by both the European Commission and by Japan and is effective...more
Japan is the latest country to be recognized by the European Union as providing adequate protection to data. The decision is one of mutual adequacy and creates the world’s largest area of safe data flows....more
On January 23, 2018, the European Commission (“EC”) adopted its adequacy decision on Japan. Japan issued an equivalent decision regarding data transfers from Japan to the European Union on the same day. This means that...more
On January 23, 2019, the Personal Information Protection Commission of Japan (the “PPC”) and the European Commission (the “Commission”) jointly announced the adoption of the decisions recognizing each other’s personal data...more
The European Data Protection Authorities, assembled in the European Data Protection Board (“EDPB” or “Board”), met at their third plenary meeting held on the 26th of September. At its meeting, the Board agreed on common...more
Japan's Personal Information Protection Commission Publishes Rules for Handling Personal Data Transferred from EU to Japan - Following the agreement between Japan and the European Union regarding personal data protection...more
On the heels of the European Union's General Data Protection law, which went into effect in May 2018, California has enacted the California Consumer Privacy Act ("CCPA")—the result of an 11th-hour compromise between...more
On July 17, 2018, less than two months after the General Data Protection Regulation (GDPR) went into effect, Japan and the European Union agreed to recognize each other’s data protection regimes as providing adequate...more
The advent of the European Union’s General Data Protection Regulation (GDPR) has prompted other countries and regions to work to enhance their privacy regulations to meet the GDPR standards. On July 17, Japan became the...more
Background - On 17 July 2018, the European Union (the “EU”) and Japan reached an agreement to recognize each other’s data protections systems as “equivalent”, and each commits to complete internal procedures by fall 2018 (the...more
On July 6, 2018, the European Union and Japan successfully concluded talks on mutual recognition of data protection regimes. The EU has reached unilateral adequacy decisions with other countries, but this is the first time...more