We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
This week, Marriott International, Inc. and its subsidiary Starwood Hotels & Resorts Worldwide LLC (collectively, Marriott) agreed to settle on the terms of a settlement order with the Federal Trade Commission (FTC) for its...more
The Federal Trade Commission (FTC) continues to enforce and update its Health Breach Notification Rule (HBNR) amidst a fast-changing regulatory environment. A new rule, which took effect this week, expands the scope of the...more
The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more
The Federal Trade Commission (FTC) issued a final rule to amend its Health Breach Notification Rule (HBN Rule). The HBN Rule requires certain entities that handle unsecured personally identifiable health data to notify...more
As our loyal Practical Privacy readers may remember, back in December of 2021, the Federal Trade Commission (the “FTC” or “Commission”) began a rulemaking process to update the Commission’s Health Breach Notification Rule...more
On April 26, 2024, the Federal Trade Commission (“FTC”) announced it had finalized changes to modernize the Health Breach Notification Rule (the “HBNR”) by clarifying its applicability to health and wellness apps and other...more
NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
A privacy breach can have detrimental consequences for startups: A privacy breach may trigger legal consequences and regulatory scrutiny, especially for a startup that operates in areas with stringent data protection laws...more
CYBERSECURITY - SEC’s Hacked X Account Leads to Tumultuous Bitcoin Market - The Securities and Exchange Commission has confirmed that its X account “was compromised, and an unauthorized post was posted.” The SEC...more
On October 27, the Federal Trade Commission (FTC or Commission) published a final rule expanding data breach notification requirements for certain financial institutions (Final Rule). Federal Register, will require entities...more
On October 27, 2023, the FTC approved an amendment to the Safeguards Rule (the “Amendment”) requiring that non-banking financial institutions notify the FTC in the event of a defined “Notification Event” where customer...more
Summary - On May 18, 2023, the Federal Trade Commission (“FTC”) announced a Notice of Proposed Rulemaking (the “Proposed Rule”), which both clarifies the scope of the Health Breach Notification Rule (“HBN Rule”) to include...more
The FTC recently proposed amendments to the Health Breach Notification Rule (HBNR). This is on trend with its aggressive interest over the last couple of years in health data not covered by HIPAA....more
Welcome to Wiley’s update on recent developments and what’s next in consumer protection at the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC). In this newsletter, we analyze recent regulatory...more
Game Developer Dodges Loot Box Suit - In-app epi-games are not the same as slot machines, court says. Again with the Noises and Bright Lights - It’s been a while since we reported on defendant Supercell’s...more
On January 27, the FTC finalized an order with an education technology (ed tech) provider which claimed that the provider’s lax data security practices led to the exposure of millions of users and employees’ sensitive...more
Report on Patient Privacy Volume 23, no 1 (January 2023) The Centers for Medicare & Medicaid Services (CMS) said a data breach at a Medicare subcontractor impacted the personally identifiable information and protected...more
On January 4, the U.S. District Court for the Northern District of Texas granted final approval of an $11 million class action settlement resolving allegations related to a February 2021 data breach that compromised more than...more
The Federal Trade Commission will have its eye on privacy and data security enforcement in 2023. In August, the agency announced that it is exploring ways to crack down on lax data security practices. In the announcement,...more
On October 31, 2022, the Federal Trade Commission (FTC) announced it has taken action against education technology provider Chegg Inc. (“Chegg”) for its “careless” cybersecurity practices that exposed sensitive personal...more
On October 31, 2022, the Federal Trade Commission (FTC) announced a complaint and proposed consent order against Chegg, an edtech company, over its security practices that resulted in four security breaches in three years....more
This year has seen some substantial new data breach settlements including a $500,000 Federal Trade Commission (FTC) fine against CafePress, a $1.25 million multi-state class action settlement and $5 million New York...more
On Aug. 11, 2022, the Federal Trade Commission announced a Notice of Proposed Rulemaking regarding the collection, sharing and use of certain information which it refers to as “commercial surveillance data” and whether the...more
In this month’s Privacy & Cybersecurity Update, we examine the FTC chair’s comments suggesting a potential shift in its approach to data privacy regulation, the European Data Protection Board’s request for comment on its...more