No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
No Password Required: Founder and Commissioner of the US Cyber Games, CEO of the Cyber Marketing Firm Katzcy, and Someone Who Values Perseverance Over Perfection
Biometric Litigation
Founder of Cyber Security Unity, Member of the Order of the British Empire, and Appreciator of '80s Soap Operas
Illinois Supreme Court Clarifies BIPA Violation Accruals, Opening the Door for “Annihilative” Damage
No Password Required: The Custom T-Shirt-Wearing CEO Who Not Only Appreciates Mega Man ... He Basically Is One
Hybrid Workforces and Compliance with Sheila Limmroth
Legislating Data Privacy Series: A Conversation with Massachusetts Representatives Dave Rogers and Andy Vargas
State Law Privacy Video Series | Privacy and Sensitive Information
Podcast: BIPA Trends in 2022
State Law Privacy Video Series | Applicability
Getting Personal—Wearable Devices, Data, and Compliance
Episode 8: Why brokers, not breaches, are America's greatest privacy threat (with Rob Shavell)
NGE On Demand: Personal Data Protection Travels: The New Standard Contractual Clause with John Koenigsknecht and David Wheeler
Inside Privacy Law: The Regulation of Personal Data
NGE On Demand: Cybersecurity Considerations for Emerging Companies with Michael Gray and David Wheeler
Oklahoma: Changing Data Privacy as We Know It?
The Convergence of AI and Data Privacy in eDiscovery: Using AI and Analytics to Identify Personal Information
Reducing Cybersecurity Burdens with a Customized Data Breach Workflow
Sitting with the C-Suite: Looking Ahead to Potential Compliance Issues Due to COVID-19
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
On May 15, 2024, the Securities and Exchange Commission (the “SEC”) issued final amendments (the “Amendments”) to Regulation S-P (originally adopted in 2000), which governs the treatment of a customer’s nonpublic personal...more
In the privacy world, confidential information relating to the nature, amount, or use of telecommunications services has always been subject to separate rules from other types of customer data. Prior to the advent of...more
A privacy breach can have detrimental consequences for startups: A privacy breach may trigger legal consequences and regulatory scrutiny, especially for a startup that operates in areas with stringent data protection laws...more
Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more
As the world emerged from lockdown, it should come as no surprise that cybersecurity and data privacy remained dominant topics in the media and legal industry. Some of 2021 was much like 2020 – ransomware attacks continued to...more
This webinar is intended for eDiscovery professionals interested in the overlap between data privacy and eDiscovery capabilities, workflows and use cases. The tools to tackle the protection of personal data already exist...more
Has your business considered what obligations you would have to notify people in the event of a cyber-attack that compromises some or all of your IT systems? Have you cataloged all the data you collect and where it is stored...more
Blackbaud Breach - In the early months of 2020, cybercriminals orchestrated a ransomware attack on Blackbaud Inc., a cloud software company headquartered in Charleston, South Carolina that provides data collection and...more
The immediate cyber incident is over – what happens next? Join our esteemed panellists as they outline key considerations when managing post-breach data classification and notification projects. Setting the scene through the...more
After the California Consumer Privacy Act (CCPA) took effect on January 1, 2020, a surge of class action lawsuits predicated on alleged CCPA violations hit businesses. Because of the act’s novelty, it was unclear whether...more
The CCPA’s Private Right Of Action - The CCPA gives consumers several new “Privacy Rights”—such as the right to know how their personal information is collected, used and shared, the right to request deletion of their...more
Regulatory bodies are upping the ante when it comes to settling with companies that have suffered data breaches. In addition to the below settlements, see also the settlement between the OCR and Dignity Health....more
Effective as of March 21, 2020, New York State’s Stop Hacks and Improve Electronic Data Security Act (SHIELD Act)requires that nearly all businesses, regardless of where they are based, take affirmative steps to protect...more
Certain provisions of the New York Stop Hacks and Improve Electronic Data Security Act (SHIELD Act) recently took effect in the state of New York. The act was signed into law by the governor in July 2019, and its data breach...more
Data protection authorities from around the world are stepping in to provide their input and guidance on the matter of data processing activities and the fight against the coronavirus. Hogan Lovells’ global Privacy and...more
One of the major changes introduced by the Stop Hacks and Improve Electronic Data Security (SHIELD) Act, which was signed into New York law last year, is scheduled to take effect this week. ...more
One of the most significant consumer rights offered by the new California Consumer Privacy Act (CCPA) is what we call the “private right of action” afforded by the law. A private right of action under a law basically means...more
As discussed in an earlier blog post, the New York state Stop Hacks and Improve Electronic Data Security Act (or “SHIELD Act”), was signed into law on July 25, 2019....more
Global organizations need a clear, legal means to share data across borders, whether to conduct day-to-day business, comply with government regulations, perform under a contract, respond to lawsuits, or simply communicate and...more
The words “hodgepodge” and “patchwork” are overused in the world of risk and compliance, but they’re certainly appropriate for describing the myriad data privacy regulations popping up around the world. In 2018, the world...more
From late June 2019 through mid-October 2019, a handful of states amended their data breach notification statutes. Specifically, six states amended their states to (1) require notice to the State Attorney General, (2) broaden...more
FBI Warns of Retaliatory Cyber-Attack from Iran - The Federal Bureau of Investigation (FBI) is warning of a heightened likelihood of Iranian cyber-attacks following the escalation of tension between the U.S. and Iran. This...more
The California Consumer Privacy Act (CCPA) has forced companies across the United States (and even globally) to seriously consider how they handle the personal information they collect from consumers. By its terms, however,...more