2023 New Data Privacy Requirements
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
Law Brief: The Requirements of the SHIELD Act and Other Recommendations for Virtual Business Operations
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
II-31- The Changing 9 to 5 From 1980 to Today
In addition to recently passing a cybersecurity safe harbor law, Connecticut also updated its data breach notification law. Connecticut joins Texas in passing changes to breach notification requirements this year. There are...more
On Jan. 1, 2020, the California Consumer Privacy Act (CCPA), a consumer-friendly privacy law inspired by the European Union’s General Data Protection Regulation, will take effect. Originally published in the North Bay...more
On February 21, 2019, California Attorney General Xavier Becerra and Assemblymember Marc Levine (D-San Rafael) announced Assembly Bill 1130 which intended to strengthen and expand California’s existing data breach...more
Illinois has updated its breach notice law to require, effective January 1, 2020, notice to the Illinois Attorney General of a data breach involving more than 500 Illinois residents. The law contains specific requirements...more
On July 25, 2019, New York Governor Andrew Cuomo signed the Stop Hacks and Improve Electronic Data Security Act (the “SHIELD Act”), making key changes to New York’s data breach notification and cybersecurity laws....more
A few weeks ago, Texas signed into law an amendment to its data breach law, capping off a busy first half of 2019 for state lawmakers in this arena. As we gear up for the second half of 2019, we thought a recap was...more
As the unofficial start of summer begins, Washington and New Jersey have recently enacted two new pieces of cybersecurity legislation. ...more
On May 10, Governor Phil Murphy signed into law P.L.2019, c.95. an amendment enhancing New Jersey’s data breach notification law by expanding the definition of personal information, and updating notification requirements. As...more
The much-anticipated amendment to North Carolina’s data breach notification law that we reported on earlier this year (see here) has finally been introduced to the state’s General Assembly. The bill entitled, an Act...more
South Carolina now has specific breach and security requirements for insurance companies. The law applies to those licensed under the state’s insurance laws and went into effect January 1. Under the law, companies must tell...more
Massachusetts Governor Charlie Baker has signed legislation amending the state’s data breach notification law, and the amendments will take effect on April 11, 2019. The new requirements relate to the timing and content of...more
Effective April 11, 2019, new amendments to Massachusetts’s Data Breach Notification Act go into effect. The amendments impose additional requirements on covered companies that sustain a data breach involving personal data of...more
On January 1, 2019 Vermont’s breach notice law will include obligations specific to data brokers. A “data broker” is defined as a business that “knowingly collects and sells or licenses to third parties the brokered personal...more
The changes keep coming! In 2018, state legislatures have been active in enacting and amending data breach notification laws. With Alabama’s recent enactment, all 50 states now have data breach notification laws....more
Personal information has become the prey of relentless poachers. In light of the influx of data breaches, state legislatures are taking action. Not surprisingly, now every state has enacted data breach notification laws,...more
Colorado’s Protections for Consumer Data Privacy law (“new law”) takes effect on September 1, 2018 and requires that businesses holding personal information for Colorado residents destroy the data they don’t need, protect the...more
On June 28, 2018, the California Privacy Act of 2018 was signed into law by Governor Jerry Brown. The law was approved by the California legislature only hours before and was fast-tracked through the legislative process in...more
On May 29, 2018 Governor Hickenlooper signed HB—1128 into law. Importantly, the Bill amends the State’s data breach notification law to require that affected Colorado residents be notified within 30 days of a data breach, and...more
Arizona Governor Doug Ducey recently signed HB 2154 and HB 2311 into law, both taking effect on July 21, 2018. HB 2154 provides employers with additional guidance and updated notice procedures in the event of a data security...more
Recently, a new bill was signed by Colorado Governor John Hickenlooper, creating far reaching new requirements for entities that collect or maintain personal identifying information of Colorado residents. These requirements,...more
On May 29, 2018, Colorado passed House Bill 18-1128, which requires "covered entities" to comply with new rules regarding the security and disposal of "personal identifying information" (PII). The new law also provides an...more
With the recent enactment of data breach notification laws in South Dakota and Alabama, all 50 US states now have laws regulating data breach notification. We’ve updated the Mintz Matrix (maintained by the Mintz Privacy Team...more
The launching of the website, recently announced by the Delaware attorney general, is part of an effort to assist companies in meeting the notification requirements of the state’s recently amended data breach law....more
Alabama and South Dakota have now enacted data breach notification laws. They were the last two states in the United States without a notification law. Both laws cover the usual topics, defining what categories of information...more
On April 2, 2018, the Superior Court of Suffolk County, Massachusetts denied Equifax, Inc.’s motion to dismiss the Commonwealth’s case against it related to the company’s widely publicized 2017 data breach. Although the...more