No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Courts across the country are becoming skeptical of data breach and web tracking claims that assert theoretical privacy violations without alleging any actual injury to the plaintiffs. Recent decisions underscore that courts...more
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
The country’s largest provider of cloud-based education software for K-12 schools announced on January 7 that it fell victim to a massive data breach – which may lead to questions about the implications for your school....more
First passed into law in 2018, the California Consumer Privacy Act (CCPA) received its first major update in 2020 by way of the California Privacy Rights Act (CPRA), through which the California Privacy Protection Agency...more
How could an obscure privacy law from 1988 majorly disrupt online video streaming as we know it and make tech giants like Meta and Netflix targets of class action lawsuits?...more
On 11/13/24, FinCEN issued an alert aimed at assisting financial institutions in recognizing fraudulent schemes linked to the utilization of deepfake media generated by generative artificial intelligence (GenAI) tools. The...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Four years after the Brazilian General Data Protection Law (LGPD) came into force, Brazil’s Superior Court of Justice (STJ) recently issued a list of precedents exploring how the court applied the law and addressed the...more
On Sept. 17, the Federal Communications Commission (FCC) announced that it has reached a Consent Decree with AT&T Services Inc. to resolve an investigation into a data breach that occurred in January 2023. AT&T's vendor...more
Corporations face unprecedented challenges in safeguarding sensitive data and mitigating privacy risks in an era marked by the rapid proliferation of Internet of Things, or IoT, devices....more
A new federal law requires homes associations and neighborhood associations to disclose information about persons with control over the association. Why this matters for you. From Wall Street to Main Street to your...more
Repurposing old laws to challenge new technologies has become the new normal in the privacy space. Plaintiffs continue to bring a kaleidoscope of privacy claims against companies in the tech age, reviving laws like the...more
On June 20, a federal district court in Texas ruled that the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) exceeded its authority under the Health Insurance Portability and Accountability Act...more
The recent indictment of Maksim Silnikau, a Belarusian and Ukrainian national, is a clear reminder that cybercriminals are becoming more sophisticated and bold....more
Rhode Island is the latest state to enact consumer privacy legislation. The Rhode Island Transparency and Privacy Protection Act (the "Act"), which passed into law on June 28, 2024, establishes a framework for controlling and...more
Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more
Keypoint: While the act does not include many provisions found in the more recent consumer data privacy laws, it would expand privacy notice obligations in one significant way although the applicability and scope of that...more
The Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule requires certain entities that handle unsecured personally identifiable health data to notify...more
The Illinois General Assembly recently passed Senate Bill 2979 (SB 2979), an important piece of legislation that makes several much-needed amendments to the Illinois Biometric Information Privacy Act (BIPA). SB 2979 is now at...more
Editor’s Note: In this informative webcast, Christopher Wall, DPO and Special Counsel for Global Privacy and Forensics at HaystackID, moderates a compelling discussion titled “From Breach to Insight: Incident Response and PII...more
As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more
The Internal Revenue Service (IRS) has begun the process of informing over 70,000 taxpayers that their confidential tax information was leaked in a widespread breach by a former IRS contractor. Those impacted should take...more
On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more