Jonathan Hirsch at Hogan Lovells

Five key observations from the California Privacy Protection Agency's draft privacy regulations

The California Privacy Protection Agency has released draft privacy regulations as part of its efforts to implement the California Privacy Rights Act. We describe five key observations in this client alert....more

6/1/2022 / California Privacy Rights Act (CPRA) , Consumer Privacy Rights , Corporate Counsel , Cybersecurity , Data Privacy , Data Protection , Popular , Privacy Laws , State Privacy Laws

DHS announces cybersecurity obligations for pipeline companies

The U.S. Department of Homeland Security (DHS) issued a security directive (Directive) that, for the first time, imposes mandatory cybersecurity requirements on companies in the pipeline industry. ...more

6/4/2021 / Critical Infrastructure Sectors , Cyber Attacks , Cybersecurity , Data Protection , Department of Homeland Security (DHS) , Hackers , Information Technology , National Security , Oil & Gas , Pipelines , Popular , Ransomware , Supply Chain , Threat Management

NYDFS recommends critical new practices to reduce supply chain risk in wake of SolarWinds attack

On April 27, 2021, the New York State Department of Financial Services (“DFS” or the “Department”) released a report regarding its investigation into the response by DFS covered entities to the SolarWinds supply chain attack....more

5/5/2021 / Cyber Attacks , Cyber Crimes , Cybersecurity , Data Breach , Hackers , Incident Response Plans , Information Technology , NYDFS , Russia , Software , SolarWinds , Supply Chain , Third-Party Service Provider

California AG Tweet draws attention to Global Privacy Control as opt-out mechanism

In late January, California Attorney General Xavier Becerra tweeted that consumers could use a new technology called the Global Privacy Control (GPC) to opt-out of the sale of their personal information under the California...more

3/10/2021 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Data Collection , Data Privacy , Data Sellers , Information Governance , Opt-Outs , Personal Data , Personally Identifiable Information , State and Local Government

New York regulator issues cyber insurance risk framework with implications for insurers and insureds

On February 4, the New York Department of Financial Services (NYDFS) released Insurance Circular Letter No. 2 (2021), a Cyber Insurance Risk Framework (Framework) for insurers that write cyber insurance....more

2/17/2021 / Consumer Insurance Products , Cyber Attacks , Cyber Crimes , Cyber Insurance , Cybersecurity , Cybersecurity Framework , Data Breach , Data Protection , Insurance Regulations , NYDFS , Popular , Risk Management , State and Local Government

California AG Submits CCPA Regulations for Approval – Requests Expedited Review Ahead of July 1 Enforcement Deadline

On June 1, The California Attorney General (CA AG) submitted the final text of the CCPA regulations to the California Office of Administrative Law (OAL) for approval. ...more

6/2/2020 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Data Management , Data Privacy , Data Protection , Information Governance , Personal Data , Personally Identifiable Information , Rulemaking Process , State and Local Government , State Attorneys General

Second Modified CCPA Draft Regulations Released—Comments Due March 27

On March 11, The California Attorney General (CA AG) released a second set of modifications to the proposed regulations implementing the California Consumer Privacy Act (CCPA)....more

3/13/2020 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Data Management , Data Privacy , Data Protection , Digital Service Providers , Information Governance , Opt-Outs , Personal Data , Personally Identifiable Information , Privacy Laws , Regulatory Agenda , Regulatory Requirements , Right to Delete , Rulemaking Process , State and Local Government , State Attorneys General

California AG Releases Proposed CCPA Regulations

On October 10, California Attorney General Xavier Becerra (CA AG) released proposed regulations to implement certain provisions of the California Consumer Privacy Act (CCPA). The CA AG also released a Notice of Proposed...more

10/14/2019 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , COPPA , Cybersecurity , Data Collection , Data Privacy , Data Protection , Information Sharing , Non-Discrimination Rules , NPRM , Personal Data , Personally Identifiable Information , Privacy Laws , Proposed Regulation , Regulatory Agenda , Rulemaking Process , State and Local Government , State Attorneys General

The Results Are in: Modest Changes to CCPA Await the Governor’s Signature

Since the California Consumer Privacy Act’s (CCPA) hasty passage in June last year and minor changes last September, the CCPA has vexed businesses working on compliance. Among many practical challenges, the CCPA often...more

9/25/2019 / California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Collection , Data Privacy , Data Protection , Fair Credit Reporting Act (FCRA) , Legislative Agendas , Opt-Outs , Personal Data , Personally Identifiable Information , Privacy Laws , Regulatory Agenda , Request For Information , Rulemaking Process , State and Local Government

HIPAA Penalty Caps to Be Reduced and Tied to Culpability Level

In a dramatic turn, the US Department of Health and Human Services (HHS) has announced that effective immediately, penalties for many HIPAA violations will be subject to substantially reduced limits. ...more

4/30/2019 / Data Breach , Department of Health and Human Services (HHS) , Electronic Medical Records , Electronic Protected Health Information (ePHI) , Enforcement Actions , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Breach , HITECH Act , Penalties

Jonathan Hirsch

Hogan Lovells

Popular Topics by This Author

Latest Publications