We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
No Password Required: SVP at SpyCloud Labs, Former Army Investigator, and Current Breakfast Champion
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
AI Talk With Juliana Neelbauer - Episode Two - Cybersecurity Insurance: The New Frontier of Risk Management
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
No Password Required: USF Cybercrime Professor, Former Federal Agent, and Vintage Computer Archivist
Episode 334 -- District Court Dismisses Bulk of SEC Claims Against Solarwinds
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
FBI Lockbit Takedown: What Does It Mean for Your Company?
Privacy Officer's Roadmap: Data Breach and Ransomware Defense – Speaking of Litigation Video Podcast
Decoding Cyber Threats: Protecting Critical Infrastructure in a Digital World — Regulatory Oversight Podcast
Life With GDPR: Episode 104 – Solar Winds and Your Mother – Tell The Truth
No Password Required: American University’s Vice Provost for Research and Innovation and a Tracker of (Cyber) Unicorns
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Texas Limits Punitive Damage Liability For Data Security Breach...more
A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures...more
The State Attorneys General in New York and New Jersey recently settled with four companies over alleged HIPAA noncompliance following phishing attacks. The New Jersey settlements were brought against three NJ-based cancer...more
Over the last several months, a minority of states amended their data breach notification statutes or enacted sector-specific breach notification requirements. ...more
Certain California-licensed healthcare facilities are now subject to additional breach reporting obligations pursuant to regulations (Regulations)[1] issued by the California Department of Public Health (Department) on July...more
The California AG recently reminded companies in the healthcare industry of potential data breach notification obligations beyond HIPAA. As ransomware attacks continue to rise, particularly in healthcare, companies should...more
In addition to recently passing a cybersecurity safe harbor law, Connecticut also updated its data breach notification law. Connecticut joins Texas in passing changes to breach notification requirements this year. There are...more
Keypoint: New Utah law creates incentive for businesses to develop and implement a written cybersecurity program to protect themselves against data breach lawsuits. On March 11, 2021, Utah governor Spencer Cox signed the...more
Editors’ Note: This is the second in our fifth-annual end-of-year series examining important trends in data privacy and cybersecurity in the coming year. Read our previous post on Energy. Though the final results of the...more
States continue to enhance and expand their breach notification requirements, increasing the scope of breaches that require notice as well as the complexity of compliance. Four jurisdictions—Vermont, the District of Columbia,...more
As discussed in an earlier blog post, the New York state Stop Hacks and Improve Electronic Data Security Act (or “SHIELD Act”), was signed into law on July 25, 2019....more
In this month's edition of our Privacy & Cybersecurity Update, we reflect on the GDPR's one-year anniversary while also examining the EU's new Cybersecurity Act. We also take a look at HHS' new guidance on direct liability of...more
The California Consumer Privacy Act: The Next Frontier - The California Consumer Privacy Act (CCPA) has been called the beginning of America’s GDPR. As the most comprehensive privacy law in the United States, entities...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Breaking News- Alaska Governor Appoints Kevin Clarkson as Attorney General- Recently elected Alaska Governor Mike Dunleavey, a Republican, appointed Kevin Clarkson as Attorney General, replacing AG Jahna Lindemuth....more
On November 2, 2018, Ohio’s new cybersecurity law became effective and provides entities with cybersecurity programs that meet certain requirements an affirmative defense against certain tort actions. ...more
The Ohio legislature recently passed S.B. 220, which gives businesses that suffer a data breach an affirmative defense against tort claims brought in class action suits....more
On May 29, 2018, Colorado Governor John Hickenlooper signed changes to Colorado law that significantly increase potential data breach burdens and financial penalties on entities operating in Colorado.1 Beginning September 1,...more
With the recent enactment of data breach notification laws in South Dakota and Alabama, all 50 US states now have laws regulating data breach notification. We’ve updated the Mintz Matrix (maintained by the Mintz Privacy Team...more
Several weeks ago, South Dakota and Alabama became the final two states to enact data breach notification laws. The Alabama Data Breach Notification Act of 2018 takes effect on May 1, 2018, and imposes information security,...more
The nation’s patchwork of state data breach notification laws is now complete. All 50 states, as well as the District of Columbia, Puerto Rico, Guam, and the Virgin Islands, have enacted breach notification laws requiring...more
On March 21, 2018, South Dakota Governor Daugaard signed S.B. 62, enacting the state’s first data breach notification law, which will go into effect July 1, 2018. Previously, Alabama and South Dakota were the only U.S. states...more
On Monday, February 5, 2018, the Massachusetts Attorney General’s Office (AGO) sent an e-mail blast regarding their new online form for businesses needing to report breaches under Chapter 93H of the Massachusetts General...more
The Maryland Personal Information Protection Act has been updated and the new provisions are effective January 1, 2018. The new law expands the definition of personal information that is protected under the statute....more
Following on the heels of an active 2015, where eight states enacted changes to their data breach notification laws, another five states amended their statutes in 2016, adding complexity to the current “patchwork” system of...more