DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Keypoint: The past two months have seen many courts dismiss privacy claims as judges appear to be more critical of plaintiffs’ theories while other judges have allowed cases to proceed past the motion to dismiss stage....more
In recent months, organizations have been dealing with an emerging wave of lawsuits from an unexpected source: the VPPA. The Video Privacy Protection Act (“VPPA”), originally intended to prevent “wrongful disclosures” of...more
On June 30, 2023 the Northern District of Illinois vacated the $228 million damages award previously entered in the first jury trial arising under Illinois’ Biometric Information Privacy Act (BIPA), and ordered a new jury...more
On June 30, 2023, Mount Desert Island Hospital (“MDIH”) filed a notice of data breach with the U.S. Department of Health and Human Services Office for Civil Rights after discovering that an unauthorized party had gained...more
Personal information from federal lawmakers and congressional staff members was available on the dark web following a breach of DC Health Link, the health insurance marketplace for Washington, D.C. In an internal memo sent to...more
The Federal Trade Commission will have its eye on privacy and data security enforcement in 2023. In August, the agency announced that it is exploring ways to crack down on lax data security practices. In the announcement,...more
WHAT YOU NEED TO KNOW IN A MINUTE OR LESS - The collection and storage of sensitive data can not only invite the attention of government agencies, but also that of putative class action plaintiffs. Government inquiries,...more
In the last two years, the Chinese Ministry of Industry and Information Technology, together with other agencies in the Chinese government, launched a series of campaigns for the rectification of excessive personal...more
First we take Sacramento, then we take Berlin: How do US data protection laws affect how you do business. The webinar is aimed at in-house or outside counsel, as well as data protection and compliance officers. In this...more
PCS Revenue Control Systems, Inc. (PCS) was hit with a proposed class action lawsuit last week alleging that it discovered a data breach from a hacking attack in December 2019 but failed to notify the affected students until...more
California voters signaled that privacy is a top priority by overwhelmingly approving Proposition 24 on Nov. 3, 2020—the California Privacy Rights Act (CPRA). The CPRA amends and significantly strengthens the recently enacted...more
As one of the largest information technology service providers to local governments, the cyber-attack on Tyler Technologies (Tyler) in Plano, Texas is a sobering reminder of how a cyber-attack on a third-party vendor can put...more
Data breaches are a hot topic and will undoubtedly get even hotter. Cybersecurity for your own enterprise isn’t enough — you must evaluate your vendors and determine if they’re prepared to resist cyberattacks. ...more
Employers’ engagement and use of various types of vendors has expanded recently, to include vendors who assist with office re-entry screening and contact tracing as employees return to work during the COVID-19 pandemic. ...more
The current COVID-19 pandemic has forced many businesses online in order to survive. In many cases, businesses had no plans to be online. Others were forced to move online more quickly than planned. In order to assist these...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
On February 10, 2020, the Attorney General issued revisions to the proposed regulations to the California Consumer Privacy Act (the CCPA) which were originally published in October of last year. While the Attorney General...more
On January 28, 2020, the Department of Health & Human Services (“HHS”) Office for Civil Rights (“OCR”) addressed a federal court’s January 23rd invalidation of certain provisions of the Health Insurance Portability and...more
January 1, 2020, opens both a new decade and a new landscape in privacy regulation in the United States. On that day, the California Consumer Privacy Act, or CCPA, is set to become effective. The law will be the first of its...more
Effective October 23, 2019 for changes in data breach notification requirements, and March 21, 2020 for new data security requirements, New York’s “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act) broadens...more
To get prepared for the California Consumer Privacy Act (CCPA), get a grasp of the basic jargonese and terms involved. The CCPA will impact hundreds of thousands of businesses worldwide. In “A Glossary Guide to the CCPA”,...more
The California Consumer Privacy Act (CCPA) imposes a broad array of new legal obligations on businesses to inform consumers about the categories of personal information being collected online and how it will be used....more
On September 13, the final day of its legislative session, the California Legislature approved five amendments to the California Consumer Privacy Act (CCPA), the state’s sweeping new privacy law that takes effect on January...more
No. In order to be considered a “service provider” for the purposes of the CCPA, a vendor must be bound by a written contract that prohibits it from...more