State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: CFIUS Update: Key Takeaways from the FIRRMA Implementing Regulations
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
The State Administration for Market Regulation and the Standardization Administration of China have jointly issued a new national standard applicable to companies conducting business in China, GB/T 45574-2025, Data Security...more
Health Insurance Portability and Accountability Act (HIPAA)-covered entities and business associates should be familiar with restrictions on the use or disclosure of protected health information (PHI) under HIPAA rules....more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
The guide outlines the requirements of a newly implemented Data Security Program designed to prevent China, Russia and other foreign adversaries designated by the U.S. Department of Justice from accessing American’s sensitive...more
On April 11, 2025, the Department of Justice's National Security Division (NSD) issued additional guidance to assist U.S. organizations in understanding and complying with the Data Security Program (DSP). As discussed in our...more
Many “good government” initiatives continue to be enacted or implemented on Capitol Hill or in the Executive Branch — notwithstanding changes in political control. While working on Capitol Hill, the bulk of the legislative...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill 332 (the "New Jersey Data Privacy Law") making New Jersey the thirteenth state to adopt comprehensive data privacy legislation. This signing...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
The Regulation on Management of Automobile Data Security (Trial) (Regulation) was passed on the 101st meeting of Cyberspace Administration of China (CAC), approved by four other Chinese ministries and officially published on...more
Based on China’s Cybersecurity Law (effective from June 1, 2017), the latest draft of Personal Information Protection Law and draft of Data Security Law, the new draft regulations would apply not only to automobile producers...more