2025 Privacy Law Preview: Be Prepared
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Caregivers in Cybersecurity — Unauthorized Access Podcast
#WorkforceWednesday: California's Upcoming Cyber Audit and Automated Tech Rules - Employment Law This Week®
Data Dividend: What is Personal Data Worth?
Podcast: Data Privacy and Info Security in Finance: The Lay of the Land [More with McGlinchey, Ep. 52]
2023 New Data Privacy Requirements
Guidepost in Motion EP27: Privacy Matters Part 2: “TMI”-The Privacy Dilemma of Social Media
Webinar Recording – Assessing the Surge in Wiretap Litigation
2022 DSIR Deeper Dive: Class Action Jurisprudence
Interview With Ayesha Minhaj, Google - Digital Planning Podcast
Colorado’s New Comprehensive Privacy Law
#WorkforceWednesday: 2020 in Review and What's to Come in 2021
Sitting with the C-Suite: How Do Corporations Manage the Convergence of Data during Remote Work?
On-Demand Webinar | Protecting Information in a Work-From-Home World
On February 14, 2025, New York’s Governor Hochul signed into law A.B. 920, which amended the state’s Information Security Breach and Notification Act to add personal health information to the types of data that constitute...more
The growing prevalence of data breaches has led to an uptick in class action litigation based on consumers' personal information allegedly being accessed. A common theme emerging in these lawsuits is plaintiffs claiming that...more
Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers. Cannabis retailers face significant regulatory hurdles to their operation—particularly in...more
Privacy laws bring substantial compliance challenges for every organization that collects, processes, stores, and transfers personal data anywhere in the world. For legal departments, compliance professionals and internal...more
Our Consumer Protection/FTC and Privacy, Cyber & Data Strategy teams unpack Starwood Hotels’ and Marriott International’s settlements with the Federal Trade Commission and Marriott’s settlement with state attorneys general...more
In November 2023, a class action lawsuit was filed against the genetic testing company, 23andMe. The plaintiffs alleged that a data breach resulted in the unauthorized disclosure of 6.9 million users’ personal and genetic...more
Pennsylvania recently amended their data breach notification law in a way that turns the status quo on its head. The law, Senate Bill 824, adds an obligation to provide regulatory notice and tweaks the definition of personal...more
On June 28, 2024, Pennsylvania Governor Josh Shapiro signed an amendment to Pennsylvania’s Breach of Personal Information Notification Act into law. The amended law, which includes significant changes to the Keystone State’s...more
Editor’s Note: In this informative webcast, Christopher Wall, DPO and Special Counsel for Global Privacy and Forensics at HaystackID, moderates a compelling discussion titled “From Breach to Insight: Incident Response and PII...more
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
Research from Guidepoint Security found that 2023 saw an 80% increase in ransomware activity year-over-year, driven in part by multiple mass exploitation campaigns impacting hundreds of organizations. In total, the report...more
On February 1, the Federal Trade Commission (FTC or “the Commission”) announced that it had reached a settlement with Blackbaud, a software company, resolving claims related to a 2020 data breach that resulted in the...more
NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
On January 8, the Washington State Court of Appeals affirmed superior court rulings granting final approval to a class action settlement, denying a motion to consolidate six class action lawsuits, and approving a class notice...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
Healthcare providers are responsible for guarding the health and well-being of their patients. Still, they also have an essential duty to protect the personal information they collect in the process....more
In October of 2023, a hacker claimed online that they had 23andMe users’ profile information. We know this as a result of 23andMe’s required statement to the U.S. Securities and Exchange Commission (SEC) on December 1, 2023. ...more
The year 2023 saw continued expansion of public interest in privacy rights, data security and related legislation. Comprehensive privacy laws took effect in five states, while 12 more states enacted similar laws that will...more
Editor’s Note: The FTC continues to crack down on privacy and cybersecurity, including issuing a new warning to tax preparation companies and entering into a consent decree with 1Health.io. VPPA and BIPA litigation continues...more
On October 27, 2023, the Federal Trade Commission (FTC) unanimously approved an amendment to the Gramm-Leach-Bliley Act (GLBA) Safeguards Rule to require certain covered financial institutions to report a broad range of data...more
Data breaches come in many different forms, sizes, and levels of complexity, but they tend to share certain key facts: A third-party bad actor—whether through a phishing attack, a ransomware attack, exploitation of a zero-day...more
Editor’s Note: This article covers valuable insights on artificial intelligence’s (AI) evolving role in cybersecurity and incident response shared during an expert panel discussion. As cybersecurity, information governance,...more
On Jan. 10, 2023, the Federal Trade Commission (FTC) finalized its order against online alcohol marketplace, Drizly, and its CEO, James Cory Rellas for failing to implement security safeguards that led to a data breach in...more