In the wake of the Supreme Court’s ruling in Dobbs vs. Jackson Women’s Health Organization, much has been written about how existing privacy laws, such as the Health Insurance Portability and Accountability Act (“HIPAA”), are...more
It does not look as though Massachusetts will be state number 6 to enact a comprehensive data privacy law – or at least not the one that people have been talking about. The Massachusetts Joint Committee on Health Care...more
Privacy law 101 includes a simple but important basic concept that organizations may only use personal information they collect for what they say they will, and how they say they will. According to the Federal Trade...more
At a Boston College cybersecurity conference sponsored by Mintz, FBI Director Christopher Wray said that agents this summer thwarted a planned attack on Boston Children’s Hospital...more
On April 28, 2022, the Connecticut legislature took the final step to become very close to passing comprehensive consumer privacy legislation as the Connecticut House of Representatives voted 144-5 in favor of Senate Bill 6,...more
5/4/2022
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Connecticut ,
COPPA ,
Data Privacy ,
Data Security ,
Enforcement ,
Fair Credit Reporting Act (FCRA) ,
FERPA ,
Governor Lamont ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Private Right of Action ,
Proposed Legislation ,
State Privacy Laws
Ransomware is the “business pandemic.” Warnings have been issued by multiple agencies around the world to alert businesses to increase their protection and awareness. Most recently, the Department of Health and Human...more
4/29/2022
/ American Hospital Association ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Malware ,
Phishing Scams ,
Popular ,
Ransomware ,
Russia ,
Ukraine ,
Vulnerability Assessments
On Monday, President Biden warned U.S. companies to be on guard against Russian cyberattacks, citing intelligence as a call to action.
“I have previously warned about the potential that Russia could conduct malicious...more
Following closely on its proposal for substantial new cybersecurity requirements for investment advisers and registered investment companies, the Securities and Exchange Commission (SEC) unveiled a new slate of proposed...more
Utah is on the brink of joining California, Colorado, and Virginia to become the fourth state in the US to enact a major comprehensive privacy law. On February 25, the Utah Senate passed the Utah Consumer Privacy Act...more
Facebook’s parent company Meta has agreed to settle one of the longest-running data privacy lawsuits in the country for $90 million. This dispute, originally filed in 2012 in a total of 21 related cases, alleged that Facebook...more
Data Privacy Week kicked off with a major message for US publicly-traded companies: the Securities and Exchange Commission will be looking at cybersecurity. SEC Chairman Gary Gensler said in a speech to a virtual securities...more
As public companies embark on the year-end reporting process, they will need to consider, and in some cases take steps to address, a number of significant developments and issues. As in past years, Mintz has prepared a...more
1/19/2022
/ Annual Meeting ,
Coronavirus/COVID-19 ,
Corporate Governance ,
Cybersecurity ,
Data Privacy ,
Disclosure Requirements ,
Enforcement ,
Environmental Social & Governance (ESG) ,
Executive Compensation ,
Fiscal Year ,
Nasdaq ,
New Legislation ,
NYSE ,
Popular ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC) ,
Shareholder Meetings
Before the holidays, we warned of a critical vulnerability in a widely-used Java logging utility that could affect tens of thousands of companies. Since that original alert, multiple US and foreign government cybersecurity...more
We want to make our readers and your security operations aware of a critical vulnerability that is actively being exploited in the wild.
CVE-2021-44228 can easily be exploited to gain complete access to the targeted...more
It’s been a busy 2021 legislative session for changes to data breach laws, and that means it is time to review and update your incident response plans. Several states have shortened data breach notification timelines or...more
Welcome to Fall 2021! We’re trying to curate some of the week’s privacy and cybersecurity news to keep you up-to-date:
CONTI RANSOMWARE ON THE RISE — Another week, another US agency joint advisory on ransomware. The...more
As you may recall, the California Privacy Rights Act (“CPRA”) established a new state privacy regulatory agency, the California Privacy Protection Agency Board (“CPPA Board”), and the CPRA vests certain rulemaking authority...more
Ransomware Roundup -
It is difficult to keep up with the constant news on ransomware, but here is some of the latest:
Sanctions for Payment? The Wall Street Journal reports that sanctions for payment of ransomware...more
There is a pattern here. Long holiday weekends make for ransomware attacks and data breaches. It is well-known that malicious actors take advantage of understaffed IT resources on holidays. In fact, it’s become such a common...more
9/3/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
FBI ,
Hackers ,
Holidays ,
Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) ,
Ransomware ,
Risk Management
There is a glut of information out there regarding privacy and cybersecurity these days. Our new feature “What We’re Reading” provides a curated list of articles, blogs, newsletters, and books that you may find interesting...more
There is a glut of information out there regarding privacy and cybersecurity these days. Our new feature “What We’re Reading” provides a curated list of articles, blogs, newsletters, and books that you may find interesting...more
Colorado has now joined California and Virginia to become the third US state to pass a comprehensive data privacy legislation when Governor Jared Polis signed the Colorado Privacy Act (the “CPA”) into law on July 8, 2021. The...more
8/3/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
CDPA ,
Colorado ,
COPPA ,
Data Deletion ,
Data Protection ,
Enforcement ,
Fair Credit Reporting Act (FCRA) ,
General Data Protection Regulation (GDPR) ,
GLBA Privacy ,
Notice Requirements ,
Opt-Outs ,
Right of Access ,
State Privacy Laws
There is a glut of information out there regarding privacy and cybersecurity these days. Our new feature “What We’re Reading” provides a curated list of articles, blogs, newsletters, and books that you may find interesting...more
To note the one year anniversary of the California Consumer Privacy Act (CCPA) enforcement date, California Attorney General Rob Banta held a press conference on July 19, 2021 to share key information about enforcement...more
Colorado has now joined California and Virginia to become the third US state to pass a comprehensive data privacy legislation when Governor Jared Polis signed the Colorado Privacy Act (the “CPA”) into law on July 8, 2021. The...more