2023 New Data Privacy Requirements
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
Law Brief: The Requirements of the SHIELD Act and Other Recommendations for Virtual Business Operations
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
II-31- The Changing 9 to 5 From 1980 to Today
Indiana recently amended its breach notification law to include as personal information age verification information collected by adult websites. At the same time, the state passed a new law for adult websites...more
The Rhode Island Legislature enacted its comprehensive data privacy law on July 1, 2024. The Data Transparency and Privacy Protection Act (H 7787, or the “RI-DTPPA”) was enacted in response to growing concerns about data...more
2023 brought a surge of data privacy developments, with a large expansion of state comprehensive privacy laws, litigation of new claims based on older laws (e.g. wiretapping and VPPA cases), increased scrutiny on data...more
On February 1, Connecticut Attorney General (AG) William Tong released a report detailing the AG’s initial efforts to enforce the Connecticut Data Privacy Act (CTDPA or “the Act”) and providing recommendations on how the Act...more
When it comes to data privacy and regulation of personal information, United States companies face a number of major challenges. Compliance is not easy when you have fast-moving targets. The single biggest cause of this...more
In the privacy world, confidential information relating to the nature, amount, or use of telecommunications services has always been subject to separate rules from other types of customer data. Prior to the advent of...more
Consistent with recent trends in broadening the scope of state data breach notification statutes, Connecticut and Florida have expanded the definitions of personal information under their respective data breach notification...more
Rutters, a prominent grocery chain in Pennsylvania with 80 locations statewide, settled a data breach investigation with Attorney General (AG) Michelle Henry’s office by agreeing to pay $1 million and to implement certain...more
The Rhode Island General Assembly amended the state’s data breach law, known as the Rhode Island Identity Theft Protection Act (Act) that makes significant changes to notification requirements for state and municipal agencies...more
In this second installment, we focus on the role of state attorneys general in enforcing U.S. consumer data privacy laws. For our most recent previous article, click here. Most federal privacy laws do not preempt applicable...more
On March 29th, Iowa Governor Kim Reynolds signed Senate Bill 262 into law, making Iowa only the 6th U.S. state to enact a Consumer Data Privacy Rights Law. ...more
With the unanimous passage of Senate File 262 by the Iowa House and Senate and the Governor's signature Tuesday, the Hawkeye State joins California, Colorado, Connecticut, Virginia, and Utah as one of six states with a...more
For businesses subject to data breach notification requirements in Utah and Pennsylvania, a series of significant amendments will soon go into effect in both states. ...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Starting January 1, California’s Privacy Rights Act and Virginia’s Consumer Data Protection Act went into effect. Colorado and Connecticut’s go into effect July 1, and Utah’s goes into effect on the last day of this year,...more
The Data Security Incident Response Report features insights and metrics from 1,270+ incidents that members of the firm’s DADM Practice Group helped clients manage in 2021. This episode takes us deeper into the expanding...more
In our third California Privacy Update, we continue to closely follow potential privacy law updates in California. ...more
Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more
CYBERSECURITY - Okta Notifies Customers of LAPSUS$ Attack - Okta, which markets itself as a “leading provider of identity” in the health care, public sector, energy, financial services, technology, travel and hospitality,...more
As the world emerged from lockdown, it should come as no surprise that cybersecurity and data privacy remained dominant topics in the media and legal industry. Some of 2021 was much like 2020 – ransomware attacks continued to...more
Companies and consumers alike are under perpetual assault from bad actors as IoT, work from home, and cloud migration – all intended to improve productivity – have expanded the cyber attack surface. The continually evolving...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
Connecticut’s new cybersecurity standards law, which goes into effect on October 1, 2021, protects companies from punitive damages in certain data breach actions where an organization has a cybersecurity program that conforms...more
For many manufacturers, data privacy and protection laws may seem like legal concerns that apply to other, more consumer-facing companies. While that may be largely true, given the ubiquitous nature of data, no business can...more
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state....more