Is your business one that has not prioritized compliance with data privacy laws because you do not collect personal data about your customers? If so, you are in good company, but it is time to reframe your approach on data...more
In a notable event on Election Day this November, California voters approved amendments to the California Consumer Privacy Act (CCPA) and enacted a new statute – the California Privacy Rights Act (CPRA). The new statute...more
Data security and privacy concerns have become one of the top issues keeping business leaders up at night. According to the Ponemon Institute’s 2018 study regarding the cost of data breaches, data breaches are increasingly...more
On April 11, 2019, significant revisions to Massachusetts’ data breach law – Chapter 93H – take effect. The revised statute requires more detailed notifications to both the Commonwealth and affected consumers, and mandates...more
Independent schools, like other non-profits, have valuable digital assets that bring cybersecurity obligations with them. For example, schools typically extend financial aid to students and medical benefits to employees only...more
Although the Massachusetts Data Security Regulations went into effect March 1, 2010, I still find that many companies have not implemented a Written Information Security Program (WISP) and don’t know that they are required to...more
Although federal law only requires that financial institutions and health care providers maintain a written information security policy or “WISP,” approximately thirty four states have enacted legislation that require...more