As we approach a new year, we have another chance to resolve to improve our health – our cyber health. In 2021 alone, over 40% of businesses have had data breaches. Some have paid multi-million dollar ransomware demands and...more
The Federal Trade Commission (“FTC”) recently updated the Safeguards Rule under the Gramm-Leach-Bliley Act (“GLBA”), which is applicable to financial institutions, to strengthen data security requirements for consumer...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. The rapid pace at which technology and data privacy and security...more
12/3/2021
/ Banking Regulators ,
CFIUS ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Breach ,
Data Privacy ,
Data Security ,
European Data Protection Board (EDPB) ,
FDIC ,
General Data Protection Regulation (GDPR) ,
OCC ,
Popular
Welcome to this month's issue of The BR Privacy & Security Download, the new digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. The rapid pace at which technology and data privacy and security...more
11/5/2021
/ Biometric Information Privacy Act ,
California Consumer Privacy Act (CCPA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Justice (DOJ) ,
Federal Trade Commission (FTC) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Internet Service Providers (ISPs)
On October 6, 2021, the U.S. Department of Justice (“DOJ”) announced a new Civil Cyber-Fraud Initiative to pursue cybersecurity fraud matters using the enforcement mechanisms of the False Claims Act (“FCA”).
This...more
10/26/2021
/ Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Protection ,
Department of Justice (DOJ) ,
DFARS ,
Enforcement Actions ,
False Claims Act (FCA) ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Fraud ,
Popular
To some people ransomware and cyberattacks – not unlike COVID-19 – strike randomly and the only thing one can do is hope that your operations are not hit. The recent mass cyberattacks on the nation’s supply chain struck both...more
Colorado appears set to become the third state to adopt comprehensive privacy legislation following passage of the Colorado Privacy Act by the Colorado Legislature on June 8, 2021. The Colorado Privacy Act mimics its...more
The European Commission has published updated versions of the standard contractual clauses for international transfers of personal data from the European Union (“EU”). These new standard contractual clauses take into account...more
6/9/2021
/ Corporate Counsel ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
EU ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
Companies providing information technology products and services to U.S. government agencies are now required to notify such agencies of cyber incidents and meet specific cybersecurity standards. The executive order attempts...more
Companies engaging in telephone and text marketing will find some relief in the Supreme Court of the United States’ (“SCOTUS”) recent holding in Facebook, Inc. v. Duguid, which narrows the scope of the Telephone Consumer...more