Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Snooping Sadia Talks to Former Official Gene Fishel — Unauthorized Access Podcast
In Shah v. Capital One Financial Corporation, the Northern District of California handed down a ruling that may shape the trajectory of litigation involving tracking technologies, online privacy policies, and California’s...more
India just released a landmark draft of new rules to refine and implement the Digital Personal Data Protection Act (DPDP Act) – which is India’s first comprehensive data privacy legislation regulating digital personal data...more
On January 03, 2025, the government released the much awaited draft Digital Personal Data Protection Rules, 2025, (Draft Rules / Rules) for public consultation and invited stakeholder feedback by February 18, 2025 (access the...more
On January 3, 2025, India’s Ministry of Electronics and Information Technology ("MeitY") released the Draft Digital Personal Data Protection Rules, 2025 ("Draft Rules") for public comment. The primary aim of these Draft Rules...more
In alignment with the ongoing concerns from several European data protection authorities publishing guidelines on data scrapping (i.e., the Dutch DPA, the Italian DPA and the UK Information Commissioner’s Office), the Global...more
Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
Organisations that make international transfers of personal data have undergone significant challenges and changes over the last few years. With the invalidation of the Privacy Shield agreement in 2020 and the introduction of...more
Some writers (not from my great state of Rhode Island) act like Rhode Island has been behind the times when it comes to data privacy and security when discussing Rhode Island’s new privacy law. I feel a need to explain that...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
Introduction - The legal regime in India relating to data protection and privacy has undergone a significant re-haul and revamp. The Digital Data Protection Act, 2023 (“DPDPA”) received the President’s assent and was...more
Introduction - The Brazilian General Data Protection Law (“LGPD”), enacted in 2018 and enforced since 2020, serves as the cornerstone of the country's data protection framework. Its primary objective is to ensure the...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
The Illinois’ Genetic Information Privacy Act (“GIPA”) has been Illinois law for over twenty years. Yet, only in the last year or two has there been an explosion of lawsuits being filed against companies in various...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
On September 7, 2023, the Saudi Authority for Data and Artificial Intelligence (SDAIA) issued the Implementing Regulations of the Personal Data Protection Law (the Implementing Regulations) and the Regulations on Personal...more
Five former Memphis-based hospital employees and another man have pled guilty to unlawfully disclosing patient information in violation of HIPAA, U.S. Attorney for the Western District of Tennessee Kevin Ritz announced....more
For the first time ever, the Federal Trade Commission (FTC) is seeking enforcement under the Health Breach Notification Rule. This regulation requires certain businesses not covered by the Health Insurance Portability and...more
On September 19, 2022, the U.S. Bankruptcy Court for the Western District of Pennsylvania found that secured lenders could not “hide behind” a consent and a release to avoid the review of the commercial reasonableness of a...more
Keypoint: The comments focus on identifying areas in which the Attorney General’s Office may provide additional clarity to consumers and businesses and to ensure, where appropriate, the interoperability of the Colorado...more
Last week’s blog detailed the wave of state legislation that occurred in the U.S. during 2021. It is no surprise that there were also many data privacy developments abroad. It is crucial that organizations affected by...more
Countries all over the globe have been changing their data privacy landscape to account for the information protection required in the digital age. Organizations are handling large amounts of personal data gathered from...more
On October 1, 2020, the three-month grace period for businesses to comply with the Dubai International Financial Centre (DIFC) Data Protection Law (DIFC Law No. 5 of 2020) (“DPL 2020”) came to an end. Regulating the...more
Keypoint: If passed, the bill would create a regulatory structure around the use of contact-tracing apps, including requiring operators of such services to obtain affirmative express consent, provide privacy disclosures, not...more
EU Court Allows Class Action to Proceed, Sets Precedent for Future Data Breach Class Actions - A class action brought against Google will be allowed to move forward after the plaintiff’s appeal was permitted, allowing him to...more
California Adds Biometric Restrictions to Data-Breach Law, Potentially Creating a De Facto Biometric Privacy Law Subject to the governor’s signature, California’s breach-notification law will gain additional requirements...more