DE Under 3: OFCCP’s New Revisions & Additions to its Construction Contractor Compliance Audit Tools
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
#WorkforceWednesday: SCOTUS Rules on PAGA, Fifth Circuit Rules on COVID-19 Under WARN, Illinois Expands Bereavement Leave - Employment Law This Week®
New NYS Law about Electronic Monitoring Takes Effect May 7
COBRA Deadlines and Proofs of Mailing in Carter v. Southwest Airlines Co. Board of Trustees
#WorkforceWednesday: NY Travel Advisory Changes, CA’s COVID-19 Exposure Notice, Executive Order Reversals - Employment Law This Week®
PODCAST: Williams Mullen's Benefits Companion - COVID-19 Edition - Deadline Extensions Impacting HIPAA, COBRA and ERISA
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
HR Law 101 Ep. 8: Handbooks and What to Include Part 3
Jones Day Talks: Doing Deals Down Under: Australia's Foreign Direct Investment Regime
Since the full implementation of Thailand’s Personal Data Protection Act (PDPA) in June 2022, the Personal Data Protection Committee (PDPC) has been instrumental in shaping the nation’s data protection framework. ...more
On December 24, 2024, New York Governor Kathy Hochul signed into law amendments to New York’s private-sector data breach notification law (General Business Law § 899-aa) and government agency data breach notification law (New...more
Pennsylvania’s Governor recently approved amendments to the Commonwealth’s data breach notification law, which represent a significant overhaul to the law. As detailed below, the amended law makes a number of material...more
Some writers (not from my great state of Rhode Island) act like Rhode Island has been behind the times when it comes to data privacy and security when discussing Rhode Island’s new privacy law. I feel a need to explain that...more
On May 1, 2024, amendments to Utah’s cybersecurity and data breach notification law took effect. The state’s cybersecurity and data breach notification law requires an organization that conducts business in the State of Utah...more
Introduction - Illinois has enacted laws addressing rights and obligations related to data privacy. Companies and organizations that handle, collect, disseminate, or otherwise deal in nonpublic information have a number of...more
On October 18, 2022, the European Data Protection Board (“EDPB”) published a proposed updated version of its regulatory guidance on personal data breaches under the EU GDPR (the “Proposed Updated Guidance”). The Proposed...more
Last week, I discussed eDiscovery in the Asia Pacific (APAC) region in terms of what each country has in place from a rules and discovery standpoint. eDiscovery isn’t the only discipline where US-based bloggers like me tend...more
On June 16, 2021, the Connecticut General Assembly adopted an expanded version of Connecticut’s data breach notification statute (2021 CT H.B. 5310 (NS)). Through this expansion, Connecticut’s data breach notification statute...more
On March 3, 2021, the New York State Department of Financial Services (NYDFS) announced a settlement with Residential Mortgage Services, Inc. (RMS) for $1.5 million in connection with its violation of the NYDFS Cybersecurity...more
In certain cases, the General Data Protection Regulation (GDPR) requires entities that experience a personal data breach to provide notice of the incident to relevant national supervisory authorities and the individuals whose...more
When it comes to data breach notification laws, differences between the patchwork of U.S. state laws and the EU’s General Data Protection Regulation can impact the focus of and approach to an investigation. Our Privacy & Data...more
EU Court Allows Class Action to Proceed, Sets Precedent for Future Data Breach Class Actions - A class action brought against Google will be allowed to move forward after the plaintiff’s appeal was permitted, allowing him to...more
On 1 February, 2019, the National Information Security Standardization Technical Committee issued an amended version of the GB/T 35372-2017 Information Technology – Personal Information Security Specification for public...more
Why does this topic matter to organisations? Each time an organisation processes personal data, it will do so as either a controller or a processor. These roles bear different responsibilities. Therefore, it is critically...more
An amendment to New Jersey’s data breach notification requirements of the Consumer Fraud Act is currently awaiting signature by State Governor Phil Murphy. The bill, Assembly No. 3245, was recently passed by both the New...more
The California Consumer Privacy Act ("CCPA") was enacted in early 2018 as a political compromise to stave off a poorly drafted, and plaintiff’s friendly ballot initiative. Although the CCPA is scheduled to go into force in...more
As a proposed Privacy Bill works its way through the New Zealand Parliament, key changes aim to strengthen the protection of confidential and personal information....more
If you are a U.S.-based entity that is subject to the EU Data Protection Regulation (GDPR), and you store personal data of EU residents and personally identifiable information of U.S. residents in a commingled database, you...more
Canada now follows the US trend to require reporting of personal data exposures. Beginning November 1, 2018, a change in the law will require companies subject to Canada’s federal data protection laws to report data breaches...more
This 10-step guide will walk you through the upcoming changes to the Personal Information Protection and Electronic Documents Act (PIPEDA), the factors to consider in being prepared under PIPEDA and other related...more
Banks and other financial institutions rely on a relatively small number of core service providers to process customer personal and financial information. The National Association of Federally-Insured Credit Unions (NAFCU)...more
California recently passed and signed into law a privacy bill that provides California consumers with data protections that share key features with the European Union's GDPR. While not nearly as strict or extensive as the...more
In May 2018, the General Data Protection Regulation (GDPR) entered into effect in EU member states, replacing a longstanding and less rigorous data and e-privacy directive. ...more
With the General Data Protection Regulation (GDPR) now in force, the focus on privacy and data protection throughout the European Union (EU) is stronger than ever before. With this new law comes new obligations for companies...more