The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity – Part 1 — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
As we wrote about last week, the Federal Trade Commission (FTC) recently announced that it had entered a proposed settlement with video equipment surveillance company Verkada over the company’s alleged security failures....more
Verkada, a manufacturer and retailer of security cameras, has settled FTC accusations of lax security measures. The company sells its products to businesses, including schools and medical facilities. It markets its products...more
Sorry folks, there is no punchline here, but there are bottom lines from a settlement the Federal Trade Commission (FTC) announced last week. We discuss three today: (1) the FTC continues to mount broad investigations and...more
On August 30, 2024, the Federal Trade Commission announced that the Department of Justice filed a complaint upon notification and referral from the FTC against a surveillance camera company that allegedly failed to provide...more
A biotech company recently settled with three AGs over allegations that it had failed to protect consumer information. According to the AGs of Connecticut, New York and New Jersey, this led to a 2023 data incident. The...more
Selected U.S. Privacy and Cyber Updates - New York AG Seeks Comments on Rulemaking for Minors’ Online Protection Laws - On August 1, 2024, New York Attorney General Letitia James issued two advanced notices of proposed...more
These days it seems like nearly every data breach results in a multitude of class action filings. Some of these cases settle quickly with minimal litigation. In such a case, the Eighth Circuit recently reversed an attorneys’...more
TracFone, the pre-paid phone company, recently settled with the FCC over allegations that the company failed to protect customer information during three different data incidents. According to the FCC, in each of the...more
Does the R.R. Donnelley settlement mean heightened Securities and Exchange Commission (SEC) involvement in regulating public companies’ cybersecurity policies and practices? Our Securities Litigation, Privacy, Cyber & Data...more
CFPB Director Chopra Emphasizes “Pressing Need” for Data Protections - On June 12, 2024 and June 13, 2024, Consumer Financial Protection Bureau Director Rohit Chopra appeared before the Senate Banking Committee and the...more
On Monday, June 17, 2024, the Department of Justice (DOJ) announced a settlement in which two U.S. based consulting companies agreed to pay a combined total of $11.3 million to resolve allegations that they violated the False...more
In today's digital landscape, the exchange of personal information has become ubiquitous, often without consumers fully comprehending the extent of its implications. The recent actions undertaken by the Federal Trade...more
Convergent Outsourcing Inc., a debt-collection agency, settled a data breach class action in the U.S. District Court for the Western District of Washington for $2.45 million. The class action suit against Convergent alleged...more
Welcome to the Class Action & MDL Roundup, our quarterly review of decisions and settlements in the class action arena. In this edition, student-athletes win an NIL round, Canadians in California isn’t personal...more
On February 1, the Federal Trade Commission (FTC or “the Commission”) announced that it had reached a settlement with Blackbaud, a software company, resolving claims related to a 2020 data breach that resulted in the...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
On February 6, 2024, the HHS Office for Civil Rights (“OCR”) announced a settlement with Montefiore Medical Center (“MMC”) for alleged HIPAA Security Rule violations and MMC agreed to pay $4.75 million and enter into a...more
On February 1, 2024, the Federal Trade Commission (FTC) announced that it had reached a proposed settlement with that would require Blackbaud Inc. (“Blackbaud”) to delete personal data it does not need to retain and upgrade...more
2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more
On December 8, 2023, New York Attorney General Leticia James penned her approval to an Assurance of Discontinuance with third party dental administrator Healthplex, settling the enforcement action for $400,000 and a litany of...more
Happy Holidays! The December Monthly Minute includes a fiduciary checkup reminder and a look at HHS’ recent settlement stemming from a phishing attack that impacted ePHI of nearly 35,000 individuals....more
Welcome back to the Class Action & MDL Roundup! This edition covers notable class actions from the third quarter of 2023. In this edition, a mistake is just a mistake, “99.99%” isn’t 100% clear, and faxes aren’t always...more
State regulators across the country continue to increase their focus on cyber security and data privacy compliance and enforcement. For years, cloud company Blackbaud, a service provider to thousands of nonprofit enterprises,...more
Is your organization a business associate? You could be subject to enforcement action if you fail to protect health information within your control from ransomware attacks. In October, for the first time, the U.S....more
In yet another example of its focus on imposing greater data security accountability, the New York Attorney General (“NYAG”) recently announced a significant settlement with Marymount Manhattan College (“the College”). The...more