We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
On August 19, Massachusetts Attorney General Andrea Joy Campbell announced a $795,000 settlement with a property management company for alleged violations of the Massachusetts Consumer Protection Act, and the Massachusetts...more
On August 19, 2025, the Massachusetts Attorney General announced a $795,000 settlement with Peabody Properties, Inc., a Braintree, Massachusetts-based property management company, over serious failures in its handling of...more
When it comes to data privacy and cybersecurity regulation in the United States, California continues to lead the way. The state’s latest updates to the California Consumer Privacy Act (CCPA) show that its rules do more than...more
On July 1, 2025, Tennessee officially joined the growing list of states enacting consumer privacy laws with the Tennessee Information Protection Act (TIPA). Inspired by the California Consumer Privacy Act, TIPA introduces a...more
After years of drafting, discussions, and debates, the California Privacy Protection Agency (CPPA) Board reached a significant milestone in its efforts to bring to fruition regulations that have been in discussion by the CPPA...more
The California Privacy Protection Agency (CPPA) has unanimously adopted new regulations requiring certain businesses subject to the California Consumer Privacy Act (CCPA) to conduct annual audits of their cybersecurity...more
Starting September 1, 2025, health care practitioners in Texas are required to store electronic health records in the United States under a new Act. This requirement is found in a recently enacted law that also includes...more
Starting today, July 31, 2025, the Minnesota Consumer Data Privacy Act (“MCDPA”) officially takes effect. Signed by Governor Tim Walz in May 2024, this act majorly affects how the personal data of Minnesota residents is...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: Texas Limits Punitive Damage Liability For Data Security Breach...more
With the seemingly never-ending updates to B2B contracts for compliance with new (and amended) comprehensive state privacy laws, the U.S. Department of Justice’s bulk data transfer rule, and artificial intelligence (AI)...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
Are you storing sensitive data on a shared network drive? If so, your organization could be at serious risk of a data breach or privacy lawsuit. Shared drives, like the common “S:\ drive,” are often used to store documents,...more
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
In April, the Office of the Connecticut Attorney General (OAG) released an updated enforcement report under the Connecticut Data Privacy Act (CTDPA) to highlight privacy enforcement actions taken in 2024....more
On May 26, the governor of Nevada enacted SB 44 to impose new duties on financial services providers in Nevada, aligning state requirements for safeguarding customer information with FTC standards in its safeguards rule (16...more
While Artificial Intelligence (AI) has emerged as groundbreaking and significantly impacting various sectors and enhancing quality of life, the chasm between technological advancements and the law is growing by the...more
Colorado was the third state in the U.S. to pass comprehensive privacy legislation, following in the footsteps of California and Virginia (the Colorado Privacy Act (the “CPA”). Now Colorado is increasing protections again,...more
Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US...more
Eight years ago, on March 1, 2017, the New York Department of Financial Services enacted its landmark cybersecurity regulation covering financial services companies, 23 NYCRR Part 500, known as “Part 500.” Part 500 was the...more
As robotics technology rapidly advances in connection with the use of artificial intelligence (AI), the collection, processing, and storage of personal information—including biometric data—will become increasingly common....more
Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more
On December 24, New York Gov. Kathy Hochul (D) signed into law an amendment to section 899-aa of the N.Y. General Business Law, also known as The Shield Act, modifying the law’s data breach notification requirements....more
Hawaii’s State Data Office recently issued a series of guidance documents for its state agencies on how to handle artificial intelligence. This includes guidance on data protection, data retention and use of Generative AI....more
On January 22, Nebraska state Senator Mike Jacobson (R), at the request of Governor Jim Pillen (R), introduced the Agriculture Data Privacy Act (LB525). This is a first-of-its kind privacy bill that would specifically...more
To commemorate Data Privacy Day, we are pleased to outline Hinshaw's top five privacy predictions for 2025. We covered our strategic recommendations for privacy planning in our earlier alert, and today, we provide some...more