2023 New Data Privacy Requirements
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
Law Brief: The Requirements of the SHIELD Act and Other Recommendations for Virtual Business Operations
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
II-31- The Changing 9 to 5 From 1980 to Today
Cyber incidents have been growing at an exponential rate in recent years. A recent report from the Identity Theft Resource Center found that there were over one billion data breach victims in Q2 of 2024, which is around five...more
As we wrote in November, Pennsylvania amended its data breach notification laws last year, and those changes go into effect tomorrow (May 2, 2023). Beginning tomorrow, if a breach of username/email accounts and their...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Has your business considered what obligations you would have to notify people in the event of a cyber-attack that compromises some or all of your IT systems? Have you cataloged all the data you collect and where it is stored...more
Modern sock maker, Bombas, recently settled with New York over a credit card breach, agreeing to pay $65,000 in penalties. According to the NYAG, malicious code was injected into Bombas’ Magento ecommerce platform in 2014...more
Effective April 11, 2019, new amendments to Massachusetts’s Data Breach Notification Act go into effect. The amendments impose additional requirements on covered companies that sustain a data breach involving personal data of...more
Although Congress has attempted to agree on federal data breach notification legislation, there is no national data breach notification law that applies to most companies. Instead, 48 states, plus the District of Columbia,...more
On September 26, 2018, a record settlement was reached between Uber and the attorneys general of all 50 states and the District of Columbia over the company’s 2016 data breach. While this case presents an extreme example of...more
The changes keep coming! In 2018, state legislatures have been active in enacting and amending data breach notification laws. With Alabama’s recent enactment, all 50 states now have data breach notification laws....more
Personal information has become the prey of relentless poachers. In light of the influx of data breaches, state legislatures are taking action. Not surprisingly, now every state has enacted data breach notification laws,...more
Recently, a new bill was signed by Colorado Governor John Hickenlooper, creating far reaching new requirements for entities that collect or maintain personal identifying information of Colorado residents. These requirements,...more
Key Recent Developments: - GDPR Goes Live in the EU with Global Reach and Tough New Data Breach Notification Requirement. Arizona and Other U.S. States Toughen Data Breach Notification Laws Amidst Escalating Cyber...more
The European Union’s General Data Protection Regulation (“GDPR”) is arguably the most comprehensive – and complex – data privacy regulation in the world. As companies prepare for the GDPR to go into force on May 25, 2018,...more
With the recent enactment of data breach notification laws in South Dakota and Alabama, all 50 US states now have laws regulating data breach notification. We’ve updated the Mintz Matrix (maintained by the Mintz Privacy Team...more
For many D&O insurers, the risk of exposure posed by cybersecurity incidents involving their insureds has been unclear at best. Cybersecurity incidents, and the corresponding shareholder claims that follow, pose unique and...more
2018 AG Elections- Republican Gentner Drummond Announces Bid for Oklahoma Attorney General- Republican Gentner Drummond has declared his candidacy for Oklahoma AG in 2018. ...more
On April 2, 2018, the Superior Court of Suffolk County, Massachusetts denied Equifax, Inc.’s motion to dismiss the Commonwealth’s case against it related to the company’s widely publicized 2017 data breach. Although the...more
Canada - Data Breach Notification Provisions of PIPEDA Act Go Into Effect Nov. 1, 2018 - • Pursuant to a March 26, 2018 Order in Council, the mandatory breach notification provisions of Canada’s Personal Information...more
Alabama has joined the “crazy quilt” of state data breach notification laws with the governor’s signature of the Alabama Data Breach Notification Act of 2018. Things to take note of under the Alabama law...more
On Wednesday, March 28, 2018, the Alabama Data Breach Notification Act of 2018 (SB318) was signed into law by the Governor, making Alabama round out the roster of 50 states with data breach notification laws. (South Dakota’s...more
The security breach announced by Equifax Inc. on September 7, 2017, grabbed headlines around the world as Equifax revealed that personal data of roughly 143 million consumers in the United States and certain UK and Canadian...more
On August 17, 2017, Delaware Governor John Carney signed into law an Act (“Act”) amending the Delaware Code (“Code”) as it relates to security breaches involving personal information. The Act revises the definition of what...more
Effective June 16, 2017, New Mexico will join 47 other states (as well as the District of Columbia, Guam, Puerto Rico, and the Virgin Islands) by imposing breach notification requirements on entities experiencing information...more
On April 6, 2017, New Mexico joined 47 states, D.C., Guam, Puerto Rico, and the U.S. Virgin Islands when Governor Susana Martinez signed House Bill 15, codifying the Data Breach Notification Act. With New Mexico becoming the...more