2023 New Data Privacy Requirements
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
Law Brief: The Requirements of the SHIELD Act and Other Recommendations for Virtual Business Operations
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
II-31- The Changing 9 to 5 From 1980 to Today
The legal landscapes for privacy and cybersecurity continue to evolve rapidly, presenting both challenges and opportunities for innovative companies. Indeed, 2024 was a busy year, with the enactment of a number of new federal...more
On February 1, Connecticut Attorney General (AG) William Tong released a report detailing the AG’s initial efforts to enforce the Connecticut Data Privacy Act (CTDPA or “the Act”) and providing recommendations on how the Act...more
In this second installment, we focus on the role of state attorneys general in enforcing U.S. consumer data privacy laws. For our most recent previous article, click here. Most federal privacy laws do not preempt applicable...more
Each Academy provides three-and-a-half days of classroom-style training covering the latest laws, regulations, and developments to help you effectively manage your organization’s compliance program. They are ideal for...more
On October 1, 2021, two Acts overhauling data privacy and cybersecurity in Connecticut took effect—the latest instance of stronger state breach reporting requirements with a safe harbor protection from litigation for...more
Connecticut’s new cybersecurity standards law, which goes into effect on October 1, 2021, protects companies from punitive damages in certain data breach actions where an organization has a cybersecurity program that conforms...more
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state....more
At the close of Connecticut’s 2021 legislative session, a pair of data protection/cybersecurity related bills made their way to Governor Ned Lamont’s desk, while a CCPA-like omnibus privacy law falling one floor vote short. ...more
Companies should take note of two imminent developments in New York in the area of cybersecurity regulation: enforcement of the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (Regulation) and the...more
New York’s recently enacted Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) enhances data breach notification requirements and requires covered organizations to “develop, implement and maintain” a...more
The California Consumer Privacy Act: The Next Frontier - The California Consumer Privacy Act (CCPA) has been called the beginning of America’s GDPR. As the most comprehensive privacy law in the United States, entities...more
As we approach 2019, companies will want to keep in mind the changes that are coming to various US states’ breach notice laws. On January 1, 2019 Iowa’s law, which has already been amended twice since it was passed in 2008,...more
Effective November 2, 2018, companies that suffer a breach may have certain defenses in Ohio if they have a written cybersecurity program in place. Under this new law, companies can use as an affirmative defense the existence...more
On May 29, 2018, the governor of Colorado signed into law HB 18-1128 (the “Privacy Law”), which made sweeping changes to Colorado’s data privacy laws and which will affect nearly every Colorado business and government entity....more
Data privacy regulation tends to take one of two general approaches. In most of the world—but not in the United States—the approach is usually characterized as “omnibus.” Under an omnibus regime, privacy rights are defined at...more
As we first reported in our January 22, 2018, alert, the Colorado legislature is considering legislation that, if enacted, would significantly change Colorado privacy and data security law....more
This is the second in a two-part series addressing recent developments in state privacy and data security laws. This article addresses new laws about student privacy, enforcement/ punishment for data privacy and security...more