In a major development for all businesses handling health data, New York lawmakers passed a sweeping health data privacy bill Wednesday that could have far-ranging consequences across the country. S929, also known as the New...more
1/24/2025
/ Consent ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Collection ,
Data Deletion ,
Data Privacy ,
Data Processors ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
New York ,
PHI ,
Privacy Laws ,
Proposed Legislation ,
State Privacy Laws
Many employers have turned to geolocation tools like GPS devices to monitor employees’ whereabouts and movements – especially those working remotely or in field-based roles. While these tools provide an effective way to boost...more
1/10/2025
/ Best Practices ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Documentation ,
Employee Monitoring ,
Employee Privacy Rights ,
Employee Tracking ,
Geolocation ,
Informed Consent ,
Legitimate Business Purpose ,
Privacy Laws ,
Proportionality ,
Transparency
With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more
1/8/2025
/ Comment Period ,
Covered Entities ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Employer Group Health Plans ,
HIPAA Security Rule ,
Professional Employer Organization ,
Proposed Rules ,
Public Comment ,
Risk Assessment
Comprehensive consumer privacy laws are rapidly expanding across the United States, significantly impacting PEOs. Currently, 19 states have enacted privacy laws, with eight already in effect and 11 set to take effect between...more
12/17/2024
/ Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Subjects Rights ,
Data Use Policies ,
Data-Sharing ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
Professional Employer Organization
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
11/13/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Deletion ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Data-Sharing ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
State Privacy Laws ,
Third-Party Risk ,
Vendor Contacts ,
Vendors
A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more
8/14/2024
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cookies ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
PHI ,
Popular ,
Websites
To the surprise of some, Governor DeSantis recently vetoed a bill that would have provided businesses with a defense to claims arising from “cybersecurity incidents” that lead to data breaches – so long as they met a few...more
A bipartisan group of federal lawmakers just unveiled a sweeping proposal to pass the nation’s first data privacy law and hand a significant amount of power to consumers, one that would bring about a massive change in the way...more
2023 was the most devastating year yet for ransomware attacks, with businesses forking over $1 billion in ransom payments for the first time ever – and 2024 is expected to be even worse. Beyond the payments, the average cost...more
2/22/2024
/ Artificial Intelligence ,
Cloud Storage ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Training ,
Employer Liability Issues ,
Encryption ,
Incident Response Plans ,
Popular ,
Ransomware
The first half of 2023 has been eventful for businesses subject to the California Consumer Privacy Act (CCPA), and the whirlwind of new developments may have left you confused about your current and pending obligations. In...more
8/14/2023
/ California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Privacy ,
Data Protection ,
Data Security ,
Delays ,
Enforcement ,
Opt-Outs ,
Personal Data ,
Privacy Laws
Auto dealerships that provide financing are subject to the Gramm Leach Bliley Act (GLBA). That’s the old news. What’s new is that GLBA-covered businesses have until December 9 to implement significant changes to their...more
8/9/2022
/ Car Dealerships ,
Consumer Privacy Rights ,
Customer Information ,
Data Privacy ,
Data Protection ,
Data Security ,
Federal Trade Commission (FTC) ,
Financial Institutions ,
Gramm-Leach-Blilely Act ,
Incident Response Plans ,
Information Security ,
New Rules ,
Privacy Laws ,
Risk Assessment ,
Safeguards Rule
There’s been a lot of buzz in privacy circles in recent weeks over proposed bipartisan federal privacy legislation that has advanced from policy committee and now awaits further action on the floor of the House of...more
After a stalemate over federal consumer privacy legislation in the past few years, a draft bill was released on June 3 that signals a major step towards bipartisan support for federal consumer privacy legislation. The...more
6/14/2022
/ Consumer Privacy Rights ,
Covered Entities ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Transfers ,
Preemption ,
Privacy Laws ,
Private Right of Action ,
Proposed Legislation ,
State Privacy Laws
Californians just passed a ballot measure that will soon expand the nation’s most stringent data privacy law – and it will have an impact on employers across the country. By voting in favor of Proposition 24 – the California...more
11/5/2020
/ B2B Transactions ,
Ballot Measures ,
California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Retention ,
Data Security ,
Data Use Policies ,
Duty to Correct ,
New Legislation ,
Personally Identifiable Information ,
Privacy Laws ,
Sensitive Personal Information
SB 1121, which is making its way through the California Legislature, would allow businesses to be sued for data breaches even when no one was actually injured. This includes being sued for failing to implement and maintain...more
Employers have a legal obligation to safeguard and protect a variety of information hosted in the workplace. Unfortunately, when it comes to workplace data breaches, the question is not if you will suffer one, but when....more