While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
6/10/2025
/ Compliance ,
Corporate Counsel ,
Data Breach ,
Data Privacy ,
Disclosure Requirements ,
Personal Information ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Reporting Requirements ,
State Privacy Laws
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Recent developments at the federal and state level demonstrate that regulators are focused on protecting consumer health data. Specifically, state and federal regulators want to close the gap between HIPAA-protected data and...more
7/21/2023
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
Data Security ,
Electronic Medical Records ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Breach Notification Rule ,
Personally Identifiable Information ,
PHI ,
Privacy Laws ,
State Privacy Laws
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
9/8/2020
/ Compliance ,
Corporate Counsel ,
Data Breach ,
Good Faith ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Information ,
Personally Identifiable Information ,
Popular ,
Safe Harbors ,
State Data Breach Notification Statutes ,
Substantial Risk of Harm
On August 6, 2019, the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) released ISO/IEC 27701 (ISO 27701), a privacy extension to ISO/IEC 27001 and ISO/IEC 27002...more
9/9/2019
/ California Consumer Privacy Act (CCPA) ,
Data Controller ,
Data Processors ,
Data Protection ,
EU ,
General Data Protection Regulation (GDPR) ,
Gramm-Leach-Blilely Act ,
Health Insurance Portability and Accountability Act (HIPAA) ,
International Organization for Standardization ,
Personally Identifiable Information ,
Privacy Laws ,
Security and Privacy Controls
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
On May 24, 2019, the Department of Health and Human Services Office for Civil Rights (OCR) issued a new fact sheet which lists the provisions of the HIPAA Privacy, Security, Breach Notification, and Enforcement Rules (HIPAA)...more
5/31/2019
/ Business Associates ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Medical Records ,
Enforcement ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Liability ,
OCR ,
Personally Identifiable Information ,
PHI
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
New state laws that took effect January 1, 2019, likely will have a broader impact on how U.S. companies collect, process, and secure consumers’ personal information, in addition to how and when they report data breaches....more
1/11/2019
/ Consumer Privacy Rights ,
Consumer Protection Act ,
Cybersecurity ,
Data Collection ,
Data Protection ,
Digital Service Providers ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
State and Local Government ,
State Data Breach Notification Statutes ,
Third-Party
On September 26, 2018, a record settlement was reached between Uber and the attorneys general of all 50 states and the District of Columbia over the company’s 2016 data breach. While this case presents an extreme example of...more
...On June 28, 2018, California passed AB 375, the California Consumer Privacy Act of 2018 (CCPA), which will become effective January 1, 2020. Introduced just a week earlier in an effort to defeat a much stricter...more
7/3/2018
/ Consumer Protection Laws ,
Cybersecurity ,
Data Collection ,
General Data Protection Regulation (GDPR) ,
Governor Brown ,
New Legislation ,
Notice Requirements ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Portability ,
Right to Be Forgotten ,
State and Local Government
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Following on the heels of an active 2015, where eight states enacted changes to their data breach notification laws, another five states amended their statutes in 2016, adding complexity to the current “patchwork” system of...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more