When the General Data Protection Regulation (GDPR) goes into effect on May 25, 2018, the European Union (EU) will mark a sea change in how its member states will seek to protect and regulate the collection and use of EU citizens’ data. But as we have noted in our seven-part series analyzing the impact of Europe’s new data regulation and the hurdles that businesses will have to clear in order to comply with its provisions, the effects of the GDPR will not stop at the EU water’s edge.
Read more »Latest Blog Posts
-
GDPR, Part VI: What Are the Roles of U.S. Regulators? Posted on: December 21, 2017 In: Digital Insights Blog
-
GDPR, Part V: Understanding the Fines and Penalties Provisions Posted on: November 28, 2017 In: Digital Insights BlogNon-compliance with the forthcoming General Data Protection Regulation (GDPR) can mean significant fines and administrative penalties for non-compliant data controllers and processors. The GDPR will go into effect on May 25, 2018, when the former Data Protection Directive 95/46/EC is repealed. While the former directive was binding on all EU member states, it left to the national authorities of each state the choice of “forms or methods” to achieve compliance with its intended results.
Read more »
-
GDPR, Part IV: The Data Subject Consent Provisions Posted on: November 21, 2017 In: Digital Insights BlogWith the forthcoming General Data Protection Regulation (GDPR) set to change the cybersecurity landscape of data collection and storage in the European Union (EU), one of the most important areas that organizations processing or storing EU citizens' data will need to ensure they are complying with is the GDPR's consent guidelines.
Read more »
-
Proposed Cybersecurity Legislation Casts A Wide Net For U.S. Ports Posted on: November 20, 2017 In: Digital Insights BlogOn November 7, 2017, Sens. Kamala Harris, D-Calif., and Dan Sullivan, R-Ark., introduced a bipartisan bill designed to strengthen cybersecurity measures in U.S. ports. The bill, S. 2083, is entitled “Strengthening Cybersecurity Information Sharing and Coordination in Our Ports Act of 2017.” The bill comes in the wake of a ransomware attack in California that disabled the largest terminal in the Port of Los Angeles.
Read more »
-
GDPR, Part III: The Data Protection Officer Requirement Posted on: November 13, 2017 In: Digital Insights BlogThis seven-part series analyzes the ways in which the forthcoming General Data Protection Regulation (GDPR), effective May 25, 2018, will impact the regulatory landscape for entities doing business with or transacting in the data of European Union citizens. The first part of this series provided an overview of the history of pre-GDPR European data protection law. The second installment focused on the GDPR’s breach notification requirements.
Read more »
-
GDPR, Part II: Personal Data Breach Notification Requirements Posted on: November 01, 2017 In: Digital Insights BlogThis seven-part series analyzes the ways in which the General Data Protection Regulation (GDPR), which goes into effect May 25, 2018, will impact the regulatory landscape for entities doing business with, or transacting in the data of European Union citizens. The first part of the series provides an overview of the history of pre-GDPR European data protection law. Future installments will each address a discrete aspect of the GDPR itself.
Read more »
-
GDPR, Part I: History of European Data Protection Law Posted on: October 26, 2017 In: Digital Insights BlogIn today’s global marketplace, organizations must comply with an increasingly complicated set of international laws and regulations. This article is the first in a seven-part series which seeks to explain, in plain English, the critical compliance requirements of the European Union’s forthcoming General Data Protection Regulation (GDPR).
Read more »
-
State of the (State) Data Breach Laws: 2017 Legislative Update, Part III Posted on: October 24, 2017 In: Digital Insights BlogWith 2017 nearing its end, the legislative activity in most state capitals has wound down and the majority of legislatures have ended their 2017 sessions. In Part I and Part II of our series, we looked at how a number of states amended or enacted data breach notification-related legislation (Arkansas, Delaware, Maryland, New Mexico, and Tennessee).
Read more »
-
State of the (State) Data Breach Laws: 2017 Legislative Update, Part II Posted on: October 12, 2017 In: Digital Insights BlogAs we noted in Part I of our series, state legislatures across the country continued to refine and reshape their respective data breach notification requirements during the 2017 legislative session. While a handful of states were successful in passing new data breach notification legislation, some of those states significantly revised just when, how, and under what circumstances an entity has to notify affected consumers of a data breach.
Read more »
-
State of the (State) Data Breach Laws: 2017 Legislative Update, Part I Posted on: September 26, 2017 In: Digital Insights BlogWith the summer winding down and children already heading back to school, most state legislators have already said “sine die” to the 2017 legislative session. And like in legislative sessions over the past few years, data security and data breach notification continued to occupy the legislative calendars of state houses across the country in 2017. During the past session, a myriad of bills affecting breach notification requirements were proposed in numerous state legislatures.
Read more »
-
Executive Management Guide to Cybersecurity: A Conversation with Your IT Team Posted on: August 29, 2017 In: Digital Insights BlogGiven the tremendous economic and reputational costs of recent cyber attacks, executives are increasingly attempting to better understand the risk to their information systems. They’ve heard about the impact of data breaches on their peer corporations, and they’ve read about the huge fines levied by federal regulatory agencies. They’ve developed an increased sense of urgency to become better educated.
Read more »
-
What You Don’t Know Can Hurt You Posted on: August 24, 2017 In: Digital Insights BlogThe need to protect patient information from unauthorized disclosure is nothing new for healthcare providers. However, healthcare providers cannot adequately protect the security and integrity of their patients’ information if they do not first know what threats they face. A string of recent enforcement actions and corresponding high-dollar settlements with the U.S. Department of Health and Human Services Office for Civil Rights (OCR) demonstrates that the agency takes threat identification seriously.
Read more »
Blog Search
Featured Posts
- December 05, 2018 Welcome to Lewis Brisbois’ IP & Technology Law Blog
- November 12, 2018 Lack of Code Diversity in Cryptocurrency Ethereum May be Propagating Bad Code
Blog Categories
Blog Tags
aba
alabama
america invents act
american bar association
arkansas
audit
blockchain
breach notification
cafc
california
ccpa
cease and desist
client notification
colorado
commission
congress
consent order
consumer consent
consumer notification
critical security controls
cryptocurrency
cyber threat
data breach
data privacy directive
data privacy officer
data protection officer
data security
delaware
department of commerce
department of financial services
electronic protected health information
employment
equifax
ethereum
ethics
eu
eu-u.s. data privacy shield
eu-u.s. privacy shield
european parliament
european unioin
european union
fcra
federal circuit
federal communication
federal trade commission
financial firms
fines
gdpr
hacking
hippa
incidence response plan
infringement
innovation
inter partes review
it
malware
maritime cybersecurity
maryland
microsoft office 365
multi-factor identification
net neutrality
new mexico
new york
ninth circuit
nist framework
nist security controls
oregon
patching
patent
patent litigation
patents
penalties
personal data
phishing
pipeda
pre-breach services
privacy act
ptab
ransomware
rdp
remote desktop protocol
security posture assessment
security vulnerabilities
service provider agreement
social engineering
social media
south dakota
spear-phishing
spectre
spokeo
statute
supervisory authorities
supreme court
tax preparers
tennessee
third party
utah
virginia
virus
workplace policy