Written Information Security Programs, commonly referred to as WISPs, are critical plans to have in place – not only to efficiently and effectively respond to ransomware attacks and data breaches when they occur – but to...more
8/14/2025
/ Compliance ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Information Security ,
Policies and Procedures ,
Privacy Policy ,
Ransomware ,
Risk Management ,
WISP
To say mergers and acquisitions present significant risk is an understatement; however, additional vulnerabilities are being exposed as bad actors threaten to exploit privacy and data security leaks during the transition. ...more
7/24/2025
/ Acquisitions ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Due Diligence ,
Merger Agreements ,
Mergers ,
Personal Data ,
Risk Management
Remote work has given employers and employees pathbreaking flexibility, but it has also raised a host of data and employee privacy concerns....more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
7/16/2024
/ Biometric Information ,
Covered Entities ,
Cyber Incident Reporting ,
Data Breach ,
Data Security ,
Incident Response Plans ,
Notification Requirements ,
Regulation S-P ,
Risk Assessment ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Telecommunications
With the Texas Data Privacy and Security Act (TDPSA) on the verge of taking effect on July 1, 2024, the State’s Attorney General, Ken Paxton, recently launched an initiative for “aggressive enforcement of Texas privacy laws.”...more
In yet another example of its focus on imposing greater data security accountability, the New York Attorney General (“NYAG”) recently announced a significant settlement with Marymount Manhattan College (“the College”). The...more
At the start of 2023, the New York State legislature introduced several privacy-related bills. One of those bills, S365, appears to be gaining momentum. It was reported and committed to the Internet and Technology Committee...more
On January 24, 2022, New York Attorney General Letitia James announced a $600,000 settlement agreement with EyeMed Vision Care, a vision benefits company, stemming from a 2020 data breach compromising the personal information...more
New data privacy and security concerns arise as multi-unit residential buildings implement new technologies to manage access, strengthen security, regulate compliance with internal policies and legal requirements, and improve...more
Over the past few months, businesses across the country have been focused on the California Consumer Privacy Act (CCPA) which dramatically expands privacy rights for California residents and provides a strong incentive for...more
For years now, state laws have required subject organizations to provide notification to affected data subjects and, in some instances, to state agencies, consumer reporting agencies, and the media, when they experience a...more
9/19/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Governor Newsom ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Private Right of Action ,
Right to Delete
New York has enacted the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) to amend the state’s data breach notification law to impose more expansive data security and data breach notification requirements on...more
On Thursday, New York Governor Andrew Cuomo signed into law the Stop Hacks and Improve Electronic Data Security Act (SHIELD Act), sponsored by Senator Kevin Thomas and Assemblymember Michael DenDekker. The SHIELD Act, which...more
The flood of massive data breaches – including, most recently, the Equifax breach that compromised the personal data of around 145 million U.S. consumers – has increased the pressure on Congress to pass sweeping federal data...more
That an actual breach of client information could expose your law firm to legal and business risks is unsurprising. The risks posed by a potential breach, however, may be something your firm has not yet carefully considered...more
The Association of Corporate Counsel (ACC), which represents over 42,000 in-house counsel across 85 countries, recently released its ACC Chief Legal Officers (CLO) 2017 Survey which found that two-thirds of in-house legal...more