2023 New Data Privacy Requirements
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
Law Brief: The Requirements of the SHIELD Act and Other Recommendations for Virtual Business Operations
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
II-31- The Changing 9 to 5 From 1980 to Today
Perkins Coie’s Privacy & Security practice maintains this comprehensive chart of state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in understanding each...more
Amid intense focus on AI and a flurry of consumer privacy law updates, legislative activity has continued to change data breach notification requirements in a variety of ways. Similar to 2023, a handful of changes to...more
Earlier this year, Governor Josh Shapiro signed amendments to Pennsylvania’s Breach of Personal Information Notification Act (BPINA) into law, which go into effect on September 26. As part of the implementation of these...more
Tennessee has joined a handful of other states to provide certain safe harbors in the cybersecurity realm. Unlike others, the law sites beside -but does not modify- the states’ data breach notification law. Also unlike...more
Iowa becomes the fourth U.S. state to provide an affirmative defense for companies that adopt a cybersecurity framework - Iowa is the fourth state—following Ohio, Connecticut, and Utah—to provide a statutory incentive for...more
As we wrote in November, Pennsylvania amended its data breach notification laws last year, and those changes go into effect tomorrow (May 2, 2023). Beginning tomorrow, if a breach of username/email accounts and their...more
In April, Kentucky (HB 474) and Maryland (SB 207) adopted insurance data security legislation based on the National Association of Insurance Commissioners (NAIC) model law. A total of 15 states have adopted the NAIC Model...more
Over the last several months, a minority of states amended their data breach notification statutes or enacted sector-specific breach notification requirements. ...more
In addition to recently passing a cybersecurity safe harbor law, Connecticut also updated its data breach notification law. Connecticut joins Texas in passing changes to breach notification requirements this year. There are...more
Connecticut has become the third state to enact a cybersecurity safe harbor statute. On June 16 and July 6, 2021, Connecticut Governor Ned Lamont signed two new cybersecurity laws that continue the national trend of...more
In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons...more
Keypoint: New Utah law creates incentive for businesses to develop and implement a written cybersecurity program to protect themselves against data breach lawsuits. On March 11, 2021, Utah governor Spencer Cox signed the...more
Privacy and security continue to be at the forefront for legislatures across the nation, despite (or perhaps because of) the COVID-19 pandemic. In late May, with back-to-back amendments, Washington D.C. and Vermont...more
Effective as of March 21, 2020, New York State’s Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)requires that nearly all businesses, regardless of where they are based, take affirmative steps to protect...more
States continue to enhance and expand their breach notification requirements, increasing the scope of breaches that require notice as well as the complexity of compliance. Four jurisdictions—Vermont, the District of Columbia,...more
Vermont recently amended its data breach notification law. The changes will go into effect July 1, 2020. As amended, the definition of “personal information” now includes the following when combined with a consumer’s first...more
Certain provisions of the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) recently took effect in the state of New York. The act was signed into law by the governor in July 2019, and its data breach...more
As millions of employees around the country begin their second month working remotely, several government agencies have issued warnings regarding a spike in data security incidents and the increased risk of cyber-attacks such...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
The full set of amendments to New York’s data breach notification law enacted through the Stop Hacks and Improve Electronic Data Security (SHIELD) Act in July 2019 came into effect on March 21, 2020. The law now requires that...more
As the COVID-19 pandemic continues to demand the attention of corporate leaders and the public at large, businesses have likely had little time to get up to speed on New York’s new data breach notification law, the Stop Hacks...more
The new data security requirements provision of New York’s Stop Hacks and Improve Electronic Data Security (SHIELD) Act went into full force as of March 21, 2020, and all people and businesses, regardless of the state in...more
In the midst of the coronavirus pandemic when more condo and coop board business is being conducted electronically than ever before, the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) will go into effect on...more
One of the major changes introduced by the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which was signed into New York law last year, is scheduled to take effect this week. ...more
As we first reported on July 24, 2019 (and updated on September 24, 2019), an amendment of New York’s data breach notification law—the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD...more