Addressing the evolving landscape of privacy laws will be at the top of the list of New Year’s resolutions for those doing business in the U.S. Businesses will need to assess and address changes in California privacy law, and...more
This summer, following two years of work toward a model state privacy law, the Uniform Law Commission (ULC) has entered the privacy debate by adopting The Uniform Personal Data Protection Act (the “Uniform Act”) by a vote of...more
In 2023, new consumer privacy laws will be effective in Colorado, Virginia, and California. Of these, the Colorado Privacy Act (SB 21-190 , the “CPA”) is the latest to be enacted. Effective July 1, 2023, the CPA shares many...more
If your business is subject to the CCPA and (alone or in combination) bought, received, sold, or shared for commercial purposes the personal information of 10 million or more consumers (i.e., California residents) in 2020,...more
“Reasonable Security” is a term that is becoming more important due to the continued increase in ransomware incidents over the past few years, which the U.S. Cybersecurity and Infrastructure Security Agency (“CISA”) has...more
Ransomware is dominating headlines and creating unimaginable headaches. Ransomware has been deployed against every industry sector, and against municipalities and other government agencies. The resulting disruptions and...more
As we have discussed in previous articles, through the California Consumer Privacy Act (CCPA), California has set new privacy standards, granted new consumer rights, and imposed new obligations on businesses. Although clearly...more
Having set a new standard for privacy in the United States with the California Consumer Privacy Act of 2018 (the “CCPA”), California has again raised the bar for consumer privacy with the California Privacy Rights Act (the...more
On June 1, 2020, the Office of the California Attorney General submitted the final proposed regulations package under the California Consumer Privacy Act (CCPA) to the California Office of Administrative Law (OAL). As...more
The CCPA became effective January 1, 2020. Some businesses prepared to meet the deadline, while others have become partially compliant but still have more to do. Some may not have begun. What should a business be doing at...more
As we reported here the California Attorney General released proposed regulations pursuant to the California Consumer Privacy Act (CCPA) on October 10, 2019. These proposed regulations were modified on February 7 and again on...more
We want to enable our personnel to work from home during this health crisis. What do we need to worry about from a privacy and cybersecurity perspective?
1.Equipment. Personnel working remotely will need equipment, and you...more
The long-awaited amendments to the California Consumer Privacy Act of 2018 (CCPA) have finally become law. On October 11, 2019—two days before the October 13 deadline—California Governor Gavin Newsom announced that he signed...more
On October 10, 2019, the California Office of the Attorney General (“AG”) published the long-awaited proposed text of the California Consumer Privacy Act Regulations (the “Proposed Regs”). The Proposed Regs provide guidance...more
10/17/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Opt-Outs ,
Personal Information ,
Privacy Laws ,
Proposed Regulation ,
Right to Delete
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees in...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (CCPA) will impose new privacy obligations on certain businesses that collect personal information of California consumers and are (or are jointly with...more
On March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the DFS Regulation) took effect, requiring subject financial institutions (Covered Entities), including insurance companies, to,...more
On August 2, 2019, New Hampshire became the most recent of many states that adopted an Insurance Data Security Law (Senate Bill 194-FN) modeled after the National Association of Insurance Commissioners’ (NAIC) Insurance Data...more
To date, six states from Michigan to Alabama have adopted versions of the National Association of Insurance Commissioner’s model insurance data security law (the “NAIC model”). The NAIC model generally requires entities...more
On January 10, 2019, Massachusetts Governor Charlie Baker signed House Bill No. 4806 into law. The bill amends certain provisions of the state data breach notification law, increasing reporting requirements on a person or...more
On March 1, 2017 the cybersecurity regulation of the New York Department of Financial Services (the “DFS Regulation”) took effect, requiring subject financial institutions, including insurance companies, (“Covered Entities”)...more
As an early stage or startup InsurTech, you’re highly focused on all the right things: identifying a challenge for the insurance industry, developing an innovative technical solution, making it practical and scalable, getting...more
Beginning on January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) will impose new privacy obligations on certain businesses that collect personal information of California consumers. Employers with employees...more
Effective January 1, 2020, the California Consumer Privacy Act of 2018 (“CCPA”) will impose new privacy obligations on certain businesses that collect personal information of residents of California and are responsible for...more
On March 20, 2019, the Joint Committee on Government Administration and Elections (the “Joint Committee”) introduced An Act Concerning Consumer Privacy, Raised Bill No. 1108. The Bill is essentially a reprinting of the...more