2023 New Data Privacy Requirements
Hinshaw Insurance Law TV – Cybersecurity Part One: Data Breach Notification
Law Brief: The Requirements of the SHIELD Act and Other Recommendations for Virtual Business Operations
CF on Cyber: Leveraging the Incident Response Guide to Prepare for the CCPA
II-31- The Changing 9 to 5 From 1980 to Today
Iowa becomes the fourth U.S. state to provide an affirmative defense for companies that adopt a cybersecurity framework - Iowa is the fourth state—following Ohio, Connecticut, and Utah—to provide a statutory incentive for...more
As we wrote in November, Pennsylvania amended its data breach notification laws last year, and those changes go into effect tomorrow (May 2, 2023). Beginning tomorrow, if a breach of username/email accounts and their...more
Over the last several months, a minority of states amended their data breach notification statutes or enacted sector-specific breach notification requirements. ...more
In addition to recently passing a cybersecurity safe harbor law, Connecticut also updated its data breach notification law. Connecticut joins Texas in passing changes to breach notification requirements this year. There are...more
Connecticut has become the third state to enact a cybersecurity safe harbor statute. On June 16 and July 6, 2021, Connecticut Governor Ned Lamont signed two new cybersecurity laws that continue the national trend of...more
In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons...more
Keypoint: New Utah law creates incentive for businesses to develop and implement a written cybersecurity program to protect themselves against data breach lawsuits. On March 11, 2021, Utah governor Spencer Cox signed the...more
Privacy and security continue to be at the forefront for legislatures across the nation, despite (or perhaps because of) the COVID-19 pandemic. In late May, with back-to-back amendments, Washington D.C. and Vermont...more
Effective as of March 21, 2020, New York State’s Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)requires that nearly all businesses, regardless of where they are based, take affirmative steps to protect...more
States continue to enhance and expand their breach notification requirements, increasing the scope of breaches that require notice as well as the complexity of compliance. Four jurisdictions—Vermont, the District of Columbia,...more
Vermont recently amended its data breach notification law. The changes will go into effect July 1, 2020. As amended, the definition of “personal information” now includes the following when combined with a consumer’s first...more
Certain provisions of the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) recently took effect in the state of New York. The act was signed into law by the governor in July 2019, and its data breach...more
As millions of employees around the country begin their second month working remotely, several government agencies have issued warnings regarding a spike in data security incidents and the increased risk of cyber-attacks such...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
The full set of amendments to New York’s data breach notification law enacted through the Stop Hacks and Improve Electronic Data Security (SHIELD) Act in July 2019 came into effect on March 21, 2020. The law now requires that...more
As the COVID-19 pandemic continues to demand the attention of corporate leaders and the public at large, businesses have likely had little time to get up to speed on New York’s new data breach notification law, the Stop Hacks...more
One of the major changes introduced by the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which was signed into New York law last year, is scheduled to take effect this week. ...more
As we first reported on July 24, 2019 (and updated on September 24, 2019), an amendment of New York’s data breach notification law—the Stop Hacks and Improve Electronic Data Security Act, commonly referred to as the SHIELD...more
As discussed in an earlier blog post, the New York state Stop Hacks and Improve Electronic Data Security Act (or “SHIELD Act”), was signed into law on July 25, 2019....more
From late June 2019 through mid-October 2019, a handful of states amended their data breach notification statutes. Specifically, six states amended their states to (1) require notice to the State Attorney General, (2) broaden...more
As we’ve previously reported, the New York Stop Hacks and Improve Electronic Data Security Act Act (the “SHIELD Act”) goes into effect on March 21, 2020. The SHIELD Act, which amends the State’s current data breach...more
In response to trends, heightened public awareness, and a string of large-scale data breaches, states continue to enhance their data breach notification laws. In 2017 Maryland amended its Personal Information Protection Act...more
On October 23, 2019, the Stop Hacks and Improve Electronic Data Security Act (the SHIELD Act) went into effect. The New York law imposes data breach notification requirements on any business that owns or licenses certain...more
Passed this summer, the Stop Hacks and Improve Electronic Data Security (“SHIELD”) Act introduces new requirements on all businesses that own or license the “private information” of any New York resident....more
With the January 1, 2020 effective date of the California Consumer Privacy Act (the “CCPA”) rapidly approaching, all eyes have been on the California legislature’s consideration of a robust suite of amendments that would...more