Increased remote work due to the COVID-19 pandemic has only exacerbated privacy and cybersecurity concerns, and likely has not changed the finding in Experian’s 2015 Second Annual Data Breach Industry Forecast:.....more
Today, the U.S. Department of Labor’s Employee Benefits Security Administration (EBSA) issued much anticipated cybersecurity guidance for employee retirement plans. This comes more than four and a half years after the ERISA...more
4/15/2021
/ Best Practices ,
Cybersecurity ,
Department of Labor (DOL) ,
EBSA ,
Employee Retirement Income Security Act (ERISA) ,
Employee Training ,
Encryption ,
Popular ,
Retirement Plan ,
Third-Party Service Provider ,
Wage and Hour
In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons...more
4/7/2021
/ Affirmative Defenses ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
New Legislation ,
NIST ,
Personally Identifiable Information ,
Popular ,
State and Local Government ,
State Data Breach Notification Statutes
For the past several years, thousands of businesses have been hit with phishing scams during tax season. Through these social engineering scams, hackers obtain employee Forms W-2 for filing fraudulent tax returns seeking...more
In honor of Data Privacy Day, we provide the following “Top 10 for 2021.” While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2021...more
1/28/2021
/ Americans with Disabilities Act (ADA) ,
Artificial Intelligence ,
ATDS ,
Biometric Information ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet of Things ,
OCR ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
TCPA
Setting up that new IoT device you received for Christmas? Maybe you’ve been derelict in feeding the dog and found a smart dog feeder under the tree, one that will alert you that Luna has been fed or that you have to refill...more
One of the last things pension plan participants would want to learn as they get ready to celebrate the Christmas holiday is that personal data from their pension accounts may have been compromised. This is the case,...more
In April of this year, which seems far longer than eight months ago, we posted about an alert from federal agencies warning that cyber threat actors were exploiting the coronavirus pandemic to fuel phishing and other attacks....more
A new report released by Global Market Insights, Inc. last month estimates that the global market valuation for voice recognition technology will reach approximately $7 billion by 2026, in main part due to the surge of AI and...more
12/10/2020
/ Artificial Intelligence ,
Biometric Information ,
California Consumer Privacy Act (CCPA) ,
COPPA ,
Cybersecurity ,
Data Disposal Protocols ,
Data Protection ,
General Data Protection Regulation (GDPR) ,
Mobile Apps ,
Personal Data ,
State Data Breach Notification Statutes ,
Technology ,
Third-Party Service Provider
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the U.S. Department of Health and Human Services (HHS) have issued a joint cybersecurity advisory stating they have...more
10/30/2020
/ Best Practices ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Department of Health and Human Services (HHS) ,
FBI ,
Multi-Factor Authentication ,
Passwords ,
Ransomware ,
Remote Desktop Protocols ,
TTP
A proposal by Indiana’s Attorney General Curtis Hill on Wednesday would add a significant step in the incident response process for responding to breaches of security affecting Indiana residents. On Wednesday, during a U.S....more
The National Security Agency (NSA) recently released helpful guidance on how to effectively limit location data exposure for its staffers, which also can be helpful information for the general public. Businesses likely will...more
On January 1, 2020 the California Consumer Privacy Act (CCPA) took effect. Largely considered the most expansive U.S. privacy law to date, there has been much anticipation over the impact the law will have on the privacy...more
As many have learned over the last several years, ransomware is a type of malware that denies affected users access to critical data by encrypting it. Attackers profit handsomely by requiring victims to pay substantial sums,...more
As the COVID-19 pandemic presses on, legislators and regulators continue to remind the public of the importance of data security and privacy protections. On April 30th, U.S. Senator Roger Wicker (R-Miss), Chairman of the...more
Just over a month ago, we provided a high-level checklist to help organizations think about critical issues as employees begin working from home to reduce the spread of COVID19. Consistent with “shelter-in-place”/”stay at...more
In the US, many organizations anxiously awaiting assistance under the CARES Act are becoming the targets of cyberattackers looking to feed off of the massive relief being provided by the US treasury. Yesterday, the United...more
Over the past few months, businesses across the country have been focused on the California Consumer Privacy Act (CCPA) which dramatically expands privacy rights for California residents and provides a strong incentive for...more
As announcements relaying the spread of Coronavirus (COVID-19) continue daily, governmental agencies at all levels are offering information and guidance, and businesses are scrambling to prepare and protect their employees...more
Many businesses and their service providers have been awaiting final guidance from the California Attorney General concerning the California Consumer Privacy Act (CCPA). When news came last Friday of a regulatory update...more
2/10/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Proposed Regulation ,
Right to Delete
As reported by Bloomberg Law, data breach class action litigation has begun under the California Consumer Privacy Act (CCPA). Filed in the Northern District of California, San Francisco Division, a putative class action...more
With the California Consumer Privacy Act (CCPA) effective for nearly one month, businesses continue to grapple with the many components of this new privacy framework. A key component of the CCPA is granting consumers the...more
2020 may very well be the most impactful year for data privacy and cybersecurity in the United States. In honor of Data Privacy Day, we discuss some of the reasons why that may be the case. In short, as privacy and...more
Websites play a vital role for organizations. They facilitate communication with consumers, constituents, patients, employees, and the general public. They project an organization’s image and promote goodwill, provide...more
Recently, the U.S. Federal Trade Commission issued an important opinion, concluding that Cambridge Analytica, LLC, the data analytics and consulting company, engaged in “deceptive practices to harvest personal information” of...more