Privacy laws bring substantial compliance challenges for every organization that collects, processes, stores, and transfers personal data anywhere in the world. For legal departments, compliance professionals and internal...more
Looking for compliance education and networking in your area? SCCE & HCCA’s Regional Compliance & Ethics Conferences bring compliance practitioners from all disciplines together for convenient, local compliance education....more
In advance of the California Privacy Protection Agency’s (CPPA) December 8 Board meeting, the Agency has published new draft automated decisionmaking technology (ADMT) regulations, as well as revisions to draft regulations on...more
SEC Chair Gensler Indicates Commission is Looking to Update SEC’s Regulation S-P - On September 28, 2022, Securities and Exchange Commission (“SEC” or the “Commission”) Chairman Gary Gensler appeared via video at the...more
United Kingdom New Standard Contractual Clauses Submitted to Parliament - The United Kingdom has finalized its new International Data Transfer Agreement and Addendum to the new EU standard contractual clauses. Subject to...more
On 19 January 2022, the European Data Protection Board (EDPB) announced the outcomes of its plenary session that took place earlier this week. The EDPB adopted new guidelines that provide guidance on various aspects of data...more
CYBERSECURITY - Medical Center Rebuilding EMR Following Ransomware Attack - Queen Creek Medical Center (QCMC), also known as Desert Wells Family Medicine, located in Arizona, has notified up to 35,000 patients of a data...more
Given what the healthcare industry faced in 2020, the seventh edition of our Data Security Incident Response (DSIR) Report, “Disruption and Transformation,” is aptly titled. As if fighting the COVID-19 pandemic weren’t enough...more
CYBERSECURITY - GAO Report Identifies Need for DOE to Address Risks to Electrical Distribution System - The United States Government Accountability Office (GAO) recently completed and published a study on electricity...more
CYBERSECURITY - Free Ransomware Service Offered to U.S. Hospitals - The Center for Internet Security (CIS) announced last week that it has launched the Malicious Domain Blocking and Reporting (MDBR) service to assist...more
CYBERSECURITY - Health and Personal Information of N.C. Residents Posted Online by Ransomware Group - Becker’s Health IT reports that two batches of sensitive information of Chatham County, N.C. residents have been posted...more
Report on Patient Privacy 18, no. 1 (January 2021) - The HHS Office for Civil Rights (OCR) settled its 13th enforcement action in its Right of Access Initiative, first announced in 2019 to support individuals’ rights to...more
CYBERSECURITY - HHS Issues Update to Ransomware Threat Alert to Health Care Sector - The Department of Health and Human Services’ (HHS) Division of Critical Infrastructure Protection (CIP) issued a health care and public...more
Ireland’s Data Protection Commission has issued a guidance note on the right of access under the General Data Protection Regulation....more
Regulators, industry experts, and researchers provided insight into health privacy and security enforcement trends, emerging threats, and new tools at a recent conference focused on the Health Insurance Portability and...more
Consumer privacy laws enacted on the other side of the country could have big implications for businesses here in North Carolina. On January 1, 2020, the California Consumer Privacy Act (CCPA) will take effect. This is a...more
A local Munich court has interpreted the right of access under Article 15 of GDPR and German law. Here are some key takeaways for GDPR and for consumer access requests under CCPA: The right of access under GDPR is a...more
Federal US News - FTC Takes Action Against Companies Falsely Claiming Compliance With International Privacy Agreements - The FTC reached a settlement with a background screening company over allegations it falsely claimed...more
On June 28, 2018, California Gov. Jerry Brown signed into law the California Consumer Privacy Act (CCPA or “the Act”), which is the broadest and most comprehensive privacy law enacted in the United States to date.1 The CCPA...more
The Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) released a National Examination Program Risk Alert (Risk Alert) on August 7, 2017 regarding observations from...more