On April 4, the Cybersecurity and Infrastructure Security Agency published a notice of proposed rulemaking setting out mandatory reporting requirements for covered entities that experience cybersecurity incidents or make...more
5/13/2024
/ Biden Administration ,
Compliance ,
Covered Entities ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
DFARS ,
Form 8-K ,
NPRM ,
Proposed Rules ,
Publicly-Traded Companies ,
Ransomware ,
Reporting Requirements
On July 10, 2023, the European Commission adopted an adequacy decision for the new EU-U.S. Data Privacy Framework (“EU-U.S. DPF”), the successor to the EU-U.S. Privacy Shield, which the Court of Justice of the European Union...more
7/19/2023
/ Certification Requirements ,
Compliance ,
Compliance Monitoring ,
Department of Transportation (DOT) ,
EU ,
European Commission ,
Federal Trade Commission (FTC) ,
Framework Agreement ,
International Data Transfers ,
Privacy Framework ,
UK
Speaking about the U.S. Department of Justice's enforcement priorities on Sept. 12 at the American Bar Association's annual Civil False Claims Act and Qui Tam Enforcement Institute conference, the principal deputy assistant...more
On May 27, 2022, the California Privacy Protection Agency (CPPA) released draft regulations for the California Privacy Rights Act (CPRA) (Draft Regulations). The Draft Regulations come roughly two months before the agency is...more