Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use. Failure to comply with such obligations can lead to significant financial and reputational harm. In a...more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
7/16/2024
/ Biometric Information ,
Covered Entities ,
Cyber Incident Reporting ,
Data Breach ,
Data Security ,
Incident Response Plans ,
Notification Requirements ,
Regulation S-P ,
Risk Assessment ,
Risk Management ,
Securities and Exchange Commission (SEC) ,
Telecommunications
Cross Border Transfers of Data.
UK Data Transfers. The UK government has published a U.S. “adequacy decision” which permits U.S. organizations that have certified to the EU-US Data Privacy Framework (DPF) and UK Extension...more
11/6/2023
/ California Consumer Privacy Act (CCPA) ,
Canada ,
Cross-Border ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Protection ,
EU ,
Federal Trade Commission (FTC) ,
Form 10-K ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NIST ,
Personal Information Protection Law (PIPL) ,
Securities and Exchange Commission (SEC) ,
State Privacy Laws ,
UK
This summer, the Securities and Exchange Commission (SEC) adopted rules to enhance and standardize disclosures by public companies regarding cybersecurity risk management, strategy, governance, and incidents....more