News & Analysis as of

Cybersecurity New Regulations Data Security

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Perkins Coie

CPPA Approves Cybersecurity, Automated Decisionmaking, and Risk Assessment Regulations

Perkins Coie on

After years of drafting, discussions, and debates, the California Privacy Protection Agency (CPPA) Board reached a significant milestone in its efforts to bring to fruition regulations that have been in discussion by the CPPA...more

Herbert Smith Freehills Kramer

Independent Cybersecurity Audits Will Be Required for ‘Significant Risk’ Under CCPA

Herbert Smith Freehills Kramer on

The California Privacy Protection Agency (CPPA) has unanimously adopted new regulations requiring certain businesses subject to the California Consumer Privacy Act (CCPA) to conduct annual audits of their cybersecurity...more

Fisher Phillips

New California Regs Will Impact Your AI and Privacy Policies: FAQs on Automated Decision-Making, Risk Assessments, and...

Fisher Phillips on

California regulators unanimously approved a sweeping set of regulations on July 24 governing the use of automated decision-making technology (ADMT) and mandating risk assessments and cybersecurity audits for businesses...more

Wyrick Robbins Yates & Ponton LLP

California’s New CCPA Cybersecurity Audit Regulations: A Roadmap to “Reasonable” Security?

Wyrick Robbins Yates & Ponton LLP on

Last week, the California Privacy Protection Agency (“Agency”) approved adoption of detailed new regulations under the CCPA that will include (among other notable components) a rule requiring annual cybersecurity audits for...more

Dacheng

China Monthly Data Protection Update: June 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more

Blake, Cassels & Graydon LLP

Nouveau cadre relatif aux incidents de sécurité de l’information à l’intention des institutions financières québécoises

Blake, Cassels & Graydon LLP on

Le 23 avril 2025, le Règlement sur la gestion et le signalement des incidents de sécurité de l’information de certaines institutions financières et des agents d’évaluation du crédit (le « Règlement ») est entré en vigueur au...more

Hogan Lovells

NYDFS: Penultimate set of cybersecurity requirements under amended Part 500 take effect May 1, 2025

Hogan Lovells on

On May 1, 2025, additional cybersecurity requirements introduced by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) took...more

Alston & Bird

Additional Cybersecurity Requirements of NYDFS Part 500 Take Effect

Alston & Bird on

On May 1, 2025, additional enhanced cybersecurity controls required by the Second Amendment to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation (23 NYCRR Part 500) (the “Second Amendment”) take...more

Blake, Cassels & Graydon LLP

New Information Security Incident Framework for Quebec Financial Institutions

Blake, Cassels & Graydon LLP on

On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

Reminder: New York Cybersecurity Reporting Deadline April 15, 2025; New Regulations Effective May 1, 2025

Ogletree, Deakins, Nash, Smoak & Stewart,... on

Covered entities regulated by the New York State Department of Financial Services (NYDFS) must submit cybersecurity compliance forms by April 15, 2025. New sets of requirements for system monitoring and access privileges,...more

Sheppard Mullin Richter & Hampton LLP

New York Adopts Comprehensive Hospital Cybersecurity Requirements

Sheppard Mullin Richter & Hampton LLP on

Cyberattacks on healthcare organizations are on the rise, with the number of affected individuals nearly tripling between 2022 and 2024, according to data compiled by the Department of Health and Human Services Office for...more

Mayer Brown

PRC Network Data Security Management Regulations

Mayer Brown on

On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more

Keating Muething & Klekamp PLL

Benefits Monthly Minute - September 2024

Keating Muething & Klekamp PLL on

The September Monthly Minute highlights the DOL’s extension of existing cybersecurity guidance to health and welfare plans and also addresses the new HIPAA reproductive health privacy rule....more

Coblentz Patch Duffy & Bass

2024 Mid-Year Privacy Report - A Comprehensive Look at New Developments in Data Privacy Laws

Coblentz Patch Duffy & Bass on

Introduction - 2024 has been another big year for privacy. Several new state privacy laws are going into effect, with several more coming in 2025, while a federal privacy law continues to be discussed that would further...more

HaystackID

New Cyber Regulations Define Battle Lines in Corporate and Infrastructure Security

HaystackID on

Amidst an ever-evolving cyber threat landscape, a recent slew of regulatory updates and cybersecurity standards are defining a new battlefront for securing critical infrastructure and corporate data across varying sectors....more

Bass, Berry & Sims PLC

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

Bass, Berry & Sims PLC on

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

Sheppard Mullin Richter & Hampton LLP

China Issues Regulations on Facilitating and Regulating Cross-Border Data Flow

Sheppard Mullin Richter & Hampton LLP on

On March 22, 2024, nearly six months after the release of the “draft Provisions on Regulating and Promoting Cross-border Data Transfer” (the “Draft Rules”), the Cybersecurity Administration of China (the “CAC”) formally...more

Benesch

China Officially Promulgates New Cross-Border Data Transfer Requirements

Benesch on

The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more

Sheppard Mullin Richter & Hampton LLP

Eye on Privacy: 2023 Year in Review

Sheppard Mullin Richter & Hampton LLP on

ARTIFICIAL INTELLIGENCE - What is the Privacy Impact of the White House AI Order for Businesses? Posted November 28, 2023 Biden’s sweeping AI Executive Order sought to have artificial intelligence used in accordance...more

Wyrick Robbins Yates & Ponton LLP

New Year, New(ish) State Privacy Laws: New Jersey and New Hampshire Ring in 2024 with Comprehensive Privacy Laws

Wyrick Robbins Yates & Ponton LLP on

Just one month into 2024 and two states have already passed comprehensive consumer data privacy bills. In New Jersey, the legislature passed and on January 16 the governor signed S. 332 (“New Jersey Act”). And in New...more

Bradley Arant Boult Cummings LLP

Florida Bill Proposes Safe Harbor Against Breach Suits to Businesses Maintaining Recognized Cybersecurity Programs

Bradley Arant Boult Cummings LLP on

A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures...more

Epstein Becker & Green

New Jersey Passes Comprehensive Consumer Privacy Law

Epstein Becker & Green on

On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”).  New Jersey is the fourteenth state to pass a...more

Mayer Brown

New Jersey Enacts Privacy Law

Mayer Brown on

On January 16, 2024, Governor Philip D. Murphy signed into law the New Jersey Data Privacy Act (the “Privacy Act”), which goes into effect on January 15, 2025....more

Spilman Thomas & Battle, PLLC

The Current Status of Privacy Laws Across the United States

Spilman Thomas & Battle, PLLC on

Unlike the General Data Protection Regulation (GDPR) in the European Union (EU), the United States does not have a nationwide comprehensive data privacy law. Instead, the United States applies a sectoral approach to its...more

Spilman Thomas & Battle, PLLC

Decoded - Technology Law Insights, V 5, Issue 1, January 2024

Spilman Thomas & Battle, PLLC on

The Current Status of Privacy Laws Across the United States - Unlike the General Data Protection Regulation (GDPR) in the European Union (EU), the United States does not have a nationwide comprehensive data privacy law....more

55 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide