DE Under 3: OFCCP’s New Revisions & Additions to its Construction Contractor Compliance Audit Tools
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
#WorkforceWednesday: SCOTUS Rules on PAGA, Fifth Circuit Rules on COVID-19 Under WARN, Illinois Expands Bereavement Leave - Employment Law This Week®
New NYS Law about Electronic Monitoring Takes Effect May 7
COBRA Deadlines and Proofs of Mailing in Carter v. Southwest Airlines Co. Board of Trustees
#WorkforceWednesday: NY Travel Advisory Changes, CA’s COVID-19 Exposure Notice, Executive Order Reversals - Employment Law This Week®
PODCAST: Williams Mullen's Benefits Companion - COVID-19 Edition - Deadline Extensions Impacting HIPAA, COBRA and ERISA
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
HR Law 101 Ep. 8: Handbooks and What to Include Part 3
Jones Day Talks: Doing Deals Down Under: Australia's Foreign Direct Investment Regime
The New York, Connecticut, and New Jersey AGs entered into settlements with biotechnology company Enzo Biochem, Inc. and its subsidiary Enzo Clinical Labs, Inc. (collectively, “Enzo”), to resolve allegations stemming from a...more
Pennsylvania’s Governor recently approved amendments to the Commonwealth’s data breach notification law, which represent a significant overhaul to the law. As detailed below, the amended law makes a number of material...more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
Some writers (not from my great state of Rhode Island) act like Rhode Island has been behind the times when it comes to data privacy and security when discussing Rhode Island’s new privacy law. I feel a need to explain that...more
Incident Response Plans and Written Information Security Programs Continue to be Essential and Will Need to Be Reviewed. Most sophisticated organizations currently have in place incident response plans. Those organizations...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
Last week, the U.S. Securities and Exchange Commission (“SEC”) became the latest federal regulator to implement a data breach notification law. The commissioners unanimously voted to approve amendments to Regulation S-P (the...more
On May 16, 2024, the Securities and Exchange Commission (SEC) announced the adoption of amendments to Regulation S-P (Reg S-P), which broadly track the changes originally proposed in March 2023. The revised Reg S-P requires...more
On May 13, the FTC’s amendment to the Safeguards Rule relating to the reporting of data breaches and security incidents, which were announced in October of 2023, became effective. As a reminder, the FTC’s Safeguards Rule...more
On May 1, 2024, amendments to Utah’s cybersecurity and data breach notification law took effect. The state’s cybersecurity and data breach notification law requires an organization that conducts business in the State of Utah...more
Introduction - Illinois has enacted laws addressing rights and obligations related to data privacy. Companies and organizations that handle, collect, disseminate, or otherwise deal in nonpublic information have a number of...more
The State of Utah recently amended its general data breach notification statute to update the content that must be reported to the Utah Attorney General or the Utah Cyber Center. The amendments also clarify when notifications...more
Utah, among other privacy laws it has enacted or modified recently, has also modified its breach notification law. This follows last year’s changes to the law, which among other things codified the state’s Cyber Center....more
On March 19, Utah enacted SB 98 which amended the state’s online data security and privacy requirements. SB 98 will include new protocols that individuals and governmental entities must follow under its data breach reporting...more
Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more
What Happened? On March 4, 2024, Ginnie Mae issued All Participant Memorandum (APM) 24-02 to impose a new cybersecurity incident notification requirement. Ginnie Mae has also amended its Mortgage-Backed Securities Guide to...more
The expansion of the FTC’s Safeguards Rule will require businesses to notify customers and the FTC of cyber breaches that had previously been excluded from reporting requirements. Previously, only banks had been required to...more
On December 21, 2023, the FCC announced it adopted an updated data breach notifications rule. The rule was formerly designed to protect consumers against pretexting, “a practice in which a scammer pretends to be a particular...more
Key Point: The FCC revised its breach notification rules for telecommunication providers to broaden the instances when notifications are required, but even with limited exceptions to the new requirements, the final rule...more
Publications and Advisories - November 13, 2023 – Kathleen Benway, Kate Hanniford, Amy Mushahwar, Kim Peretti, and Lance Taubin published “Privacy, Cyber & Data Strategy Advisory: FTC Approved New Data Breach Notification...more
With an amendment to its Safeguards Rule, the Federal Trade Commission has joined other federal agencies regulating cybersecurity breaches. Our Privacy, Cyber & Data Strategy Team analyzes how the amendment will affect...more
On October 27, 2023, the Federal Trade Commission (the “FTC”) adopted a final rule (“Final Rule”) to amend the Standards for Safeguarding Customer Information (the “Safeguards Rule”). Among other things, the Final Rule will...more
Under an amendment to the Safeguards Rule under the Gramm-Leach-Bliley Act (GLBA) announced on October 27, 2023, the Federal Trade Commission (FTC) will require a broad range of nonbank financial institutions to notify the...more
The Federal Trade Commission (FTC or Commission) has amended its Standards for Safeguarding Customer Information, commonly known as the "Safeguards Rule," to require non-bank financial institutions to report certain data...more