We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Herb Stapleton's FBI Experience Proves to be Asset to Dinsmore's Corporate Team
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Texas Limits Punitive Damage Liability For Data Security Breach...more
Please visit here to visit our Mintz Matrix page with the latest edition of the Mintz Matrix, which is a 50-state resource we have maintained since 2009 to break down and summarize requirements of U.S. state data breach...more
In December 2024, New York Governor Kathy Hochul signed into law two bills (A8872A and S2376B; collectively, the “Bills”) that amend New York’s Data Breach Notification Law. The Bills introduce a maximum thirty-day timeframe...more
In response to several high-profile cybersecurity incidents affecting hospitals and other health care providers, including the Change Healthcare breach, new federal legislation was recently introduced by Senators Ron Wyden...more
New York recently passed new cybersecurity regulations for hospitals licensed in New York to enhance patient safety and cybersecurity....more
A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures...more
Efforts to Address the Lack of Federal Data Privacy Legislation in the U.S. Have Continued - The need for federal data privacy legislation was reiterated in the House Energy and Commerce Committee’s Subcommittee on...more
Editor’s Note: Texas, Oregon, and Delaware became the latest states to pass a comprehensive privacy bill, while the CPRA, Connecticut, and Colorado’s privacy laws came into force. In the litigation world, the FTC filed an...more
On July 1, 2021, the California Department of Public Health (“CDPH”) issued new regulations (the “Regulations”) effective immediately that more narrowly limit the circumstances under which instances of unauthorized access to...more
In addition to recently passing a cybersecurity safe harbor law, Connecticut also updated its data breach notification law. Connecticut joins Texas in passing changes to breach notification requirements this year. There are...more
On June 16, and then on July 6, 2021, Connecticut Governor Ned Lamont signed into law a pair of bills that together address privacy and cybersecurity in the state....more
In enacting the Cybersecurity Affirmative Defense Act, HB80, (Act) on March 11, 2021, Utah became the second state in the U.S. to create affirmative defenses for “persons” to certain causes of action arising out of a breach...more
States continue to enhance and expand their breach notification requirements, increasing the scope of breaches that require notice as well as the complexity of compliance. Four jurisdictions—Vermont, the District of Columbia,...more
City of Durham, NC Hit With Ryuk Ransomware - Another city—Durham, North Carolina—has become the victim of a ransomware attack stemming from a Russian hacker group following a successful phishing scheme. After falling...more
Effective October 23, 2019 for changes in data breach notification requirements, and March 21, 2020 for new data security requirements, New York’s “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act) broadens...more
Tacking an entirely new direction from other US states, Ohio has decided to offer defensive legal protection to businesses who have built a cybersecurity regime around well-known industry standards, even where those...more
Effective November 2, 2018, companies that suffer a breach may have certain defenses in Ohio if they have a written cybersecurity program in place. Under this new law, companies can use as an affirmative defense the existence...more
The Ohio legislature recently passed S.B. 220, which gives businesses that suffer a data breach an affirmative defense against tort claims brought in class action suits....more
On May 29, 2018, Colorado Governor John Hickenlooper signed changes to Colorado law that significantly increase potential data breach burdens and financial penalties on entities operating in Colorado.1 Beginning September 1,...more
With the recent enactment of data breach notification laws in South Dakota and Alabama, all 50 US states now have laws regulating data breach notification. We’ve updated the Mintz Matrix (maintained by the Mintz Privacy Team...more
On March 21, 2018, South Dakota Governor Daugaard signed S.B. 62, enacting the state’s first data breach notification law, which will go into effect July 1, 2018. Previously, Alabama and South Dakota were the only U.S. states...more
The Maryland General Assembly recently amended the Maryland Personal Information Protection Act to expand the definition of personal information, provide a 45-day timeframe for providing notice of a breach, allow for...more
Governor Bruce Rauner signed several new provisions into law amending Illinois’ Personal Information Privacy Act, including health insurance and medical information into the definition of personal information that triggers...more
Recent amendments to the State’s data breach statute give a hard deadline for a business to provide consumer notice, removes encryption safe harbor, exempts entities that are subject to the Health Insurance Portability and...more
With no Congressional consensus to adopt a federal data privacy and breach notification statute, states are updating and refining their already-existing laws to enact more stringent requirements for companies. Two states...more