In December, the California Privacy Protection Agency (CPPA) published revised draft regulations on risk assessments required under the California Privacy Rights Act (CPRA).
Under prior draft regulations, the CPPA will...more
This is the third article in a three-part series whereby Ankura privacy experts analyzed the 40 examples of alleged non-compliance with the California Consumer Privacy Act (CCPA) published by the California Office of Attorney...more
This is the second article in a three-part series where Ankura privacy experts analyzed the 40 examples of non-compliance with the California Consumer Privacy Act (CCPA) published by the California Office of Attorney General...more
12/19/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
Consumer Financial Products ,
Department of Health and Human Services (HHS) ,
Financial Services Industry ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Medical Devices ,
Noncompliance ,
State Attorneys General ,
Telehealth
The California Office of Attorney General (OAG) is responsible for enforcing the California Consumer Privacy Act (CCPA) and began sending notifications of alleged non-compliance to companies on July 1, 2020. In June 2021,...more
12/15/2022
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Data Privacy ,
Disclosure Requirements ,
Do Not Sell ,
Enforcement Actions ,
Noncompliance ,
Notifications ,
Opt-Outs ,
State Attorneys General
8 11 The emergence of data protection laws has given greater meaning to how customers and businesses view consent in the context of collecting personal data from consumers. In recent years, regulations such as the General...more
The first major consumer-focused privacy regulation in the U.S., the California Consumer Privacy Act (CCPA), came into effect on January 1st, 2020, which seems like a lifetime ago. Now it’s April 2022, and there are several...more
Recent data privacy regulations like the CPRA in California, the CPA in Colorado, and the CDPA in Virginia will dramatically change how we acquire, store, manage and dispose of information in our organizations. In most major...more
4/28/2022
/ California Consumer Privacy Act (CCPA) ,
CDPA ,
Compliance ,
Data Privacy ,
Data Storage ,
Electronic Records ,
General Data Protection Regulation (GDPR) ,
Information Management ,
New Regulations ,
Personal Information ,
Risk Management ,
State Data Privacy Laws
Starting in January of 2023, businesses subject to California Privacy Rights Act (CPRA), may be required to publish the retention periods for all categories of personal and sensitive information they collect, manage, store,...more
The California Office of Attorney General (OAG) is responsible for enforcing the CCPA and began sending notifications of alleged non-compliance to companies on July 1, 2020.
Almost a year later, in June of 2021, the OAG...more
Since its enactment just over a year ago, some companies have struggled to interpret the California Consumer Privacy Act (CCPA) and the circumstances that might subject them to penalties and fines for violations. In an effort...more
A new trend in privacy and cybersecurity laws is the introduction of safe harbor clauses for aligning data protection controls to recognized data privacy and cybersecurity frameworks.
OHIO HB376: In July 2021, Ohio...more
8/4/2021
/ California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NIST ,
Popular ,
Privacy Laws ,
Proposed Legislation ,
Safe Harbors
Since the General Data Protection Regulation (GDPR) went into effect in 2018, over half a dozen countries have passed similar privacy regulations and another few dozen have updated or proposed new privacy regulations. In the...more
7/12/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Federal Trade Commission (FTC) ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
New Regulations ,
NIST ,
Privacy Laws ,
Proposed Regulation ,
Risk Assessment