Thousands of devices connecting to the internet make up the Internet of Things (IoT). While helping to streamline operations and improve productivity, the advantages of IoT are not without risks. Recent federal and state laws...more
The Texas Legislature, which meets every other year, pushed a change to its data breach notification law at the end of the session in late May, and yesterday Governor Greg Abbott signed the bill into law...more
6/15/2021
/ Corporate Counsel ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Governor Abbott ,
Notification Requirements ,
State Attorneys General ,
State Data Breach Notification Statutes
State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy...more
In late May, New York Attorney General Letitia James announced a $200,000 settlement agreement with Filters Fast, an online water filtration retailer, stemming from a 2019 data breach compromising the personal information of...more
6/8/2021
/ Breach Notification Rule ,
Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Cyber Attacks ,
Data Breach ,
New York ,
Personal Information ,
Policies and Procedures ,
Settlement Agreements ,
SHIELD Act ,
State Attorneys General ,
Websites
In mid-March, Utah Governor Spencer Cox signed into law the Cybersecurity Affirmative Defense Act (HB80) (“the Act”), an amendment to Utah’s data breach notification law, creating several affirmative defenses for persons...more
4/7/2021
/ Affirmative Defenses ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Data Security ,
New Legislation ,
NIST ,
Personally Identifiable Information ,
Popular ,
State and Local Government ,
State Data Breach Notification Statutes
As we noted in late January 2020, the spread of infectious disease raises particular concerns for healthcare workers who want to do their jobs and care for their patients, while also protect themselves and their families....more
3/19/2021
/ Coronavirus/COVID-19 ,
Data Breach ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Workers ,
Information Technology ,
Medical Records ,
Third-Party ,
Unauthorized Access ,
Vaccinations ,
Vendors ,
Virus Testing
Florida may soon join the growing number of states that have enacted comprehensive consumer privacy legislation. Backed by Governor Ron DeSantis, Florida House Bill 969 (HB 969) would create new obligations for covered...more
3/3/2021
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Credit Reporting Agencies ,
Data Breach ,
Fair Credit Reporting Act (FCRA) ,
FIPA ,
Florida ,
GLBA Privacy ,
Governor DeSantis ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Non-Discrimination Rules ,
Opt-Outs ,
Personally Identifiable Information ,
Proposed Legislation
The California Privacy Rights Act (CPRA), passed in November, 2020, added to the California Consumer Privacy Act (CCPA) an express obligation for covered businesses to adopt reasonable security safeguards to protect personal...more
In honor of Data Privacy Day, we provide the following “Top 10 for 2021.” While the list is by no means exhaustive, it does provide some hot topics for organizations to consider in 2021...more
1/28/2021
/ Americans with Disabilities Act (ADA) ,
Artificial Intelligence ,
ATDS ,
Biometric Information ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
European Data Protection Board (EDPB) ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet of Things ,
OCR ,
Schrems I & Schrems II ,
Standard Contractual Clauses ,
TCPA
In the final days of 2020, the Office for Civil Rights (OCR) at the U.S. Health and Human Service (HHS) released a HIPAA Audits Industry Report (“the Report”), that could be quite helpful to covered entities and business...more
One of the last things pension plan participants would want to learn as they get ready to celebrate the Christmas holiday is that personal data from their pension accounts may have been compromised. This is the case,...more
It goes without saying that November 3rd 2020 was an important day for the future of the nation, but it was also a significant day for the future of California privacy law. On Tuesday, a strong majority of California voters...more
Earlier this year, we reported on an evolution in the form of cyberattack known as ransomware –attackers transitioning from denying affected users access to critical data by encrypting it to removing data from the compromised...more
New York and New Jersey release “COVID Alert NY” and “COVID Alert NJ,” apps designed to alert their users when they have been exposed to someone who tested positive for COVID-19. These apps follow those released in...more
A proposal by Indiana’s Attorney General Curtis Hill on Wednesday would add a significant step in the incident response process for responding to breaches of security affecting Indiana residents. On Wednesday, during a U.S....more
Privacy and security continue to be at the forefront for legislatures across the nation, despite (or perhaps because of) the COVID-19 pandemic. In late May, with back-to-back amendments, Washington D.C. and Vermont...more
Roger Severino, Director of the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS), provides advice for HIPAA covered health care providers:
"When informed of potential HIPAA...more
As many have learned over the last several years, ransomware is a type of malware that denies affected users access to critical data by encrypting it. Attackers profit handsomely by requiring victims to pay substantial sums,...more
As the COVID-19 pandemic presses on, privacy and security matters continue to be at the forefront for federal and state legislature. We recently reported that Washington D.C. updated its data breach notification law. Now, the...more
In the midst of COVID-19 challenges, privacy and security matters continue to be at the forefront for federal and state legislature. In late March, the Washington D.C. (“D.C.”) legislature amended its data breach notification...more
Over the past few months, businesses across the country have been focused on the California Consumer Privacy Act (CCPA) which dramatically expands privacy rights for California residents and provides a strong incentive for...more
As reported by Bloomberg Law, data breach class action litigation has begun under the California Consumer Privacy Act (CCPA). Filed in the Northern District of California, San Francisco Division, a putative class action...more
In response to trends, heightened public awareness, and a string of large-scale data breaches, states continue to enhance their data breach notification laws. In 2017 Maryland amended its Personal Information Protection Act...more
Our quarterly report discusses new developments in class action litigation and offers strategic guidance and tactical tips on how to defend such claims. This issue covers the following topics:
•California Consumer Privacy...more
In response to trends, heightened public awareness, and a string of large-scale data breaches, states continue to enhance their data breach notification laws. Illinois Governor J.B. Pritzker recently signed into law an...more