But for limited exemptions added to the California Consumer Privacy Act (CCPA) last year, personal information exchanged in the employment context, and personal information collected through “business-to-business” exchanges, would be subject to all requirements of the CCPA. Those exemptions were set to expire next year. However, the California legislature has recently voted, through Assembly Bill 1281, to extend the exemptions until January 1, 2022.
Read more »Data Privacy & Cybersecurity
-
California Legislature Extends CCPA Exemptions for Employees’ Personal Information & “Business-to-Business” Exchanges to 2022 Posted on: September 24, 2020 In: Data Privacy & Cybersecurity
-
CMS Guidance For Compliance With Interoperability and Patient Access Final Rule Posted on: August 27, 2020 In: Data Privacy & Cybersecurity
In a guidance document published on August 14, 2020, the Centers for Medicare & Medicaid Services (CMS) provided enforcement deadlines and implementation guidance regarding the long awaited CMS Interoperability and Patient Access final rule. The final rule was published on May 1 of this year and includes several new requirements applicable to Medicaid and the Children’s Health Insurance Program (CHIP).
Read more »
-
Healthcare Providers Beware: HIPAA Applies When Complying With Subpoenas Posted on: August 18, 2020 In: COVID-19 Response, Data Privacy & Cybersecurity
Much scrutiny has been given to the treatment for COVID-19 and the use of funds in fighting it. In time, the local, state, and federal governments will be investigating or prosecuting organizations accepting COVID-19 funds or treating those with the coronavirus. Covered entities, such as healthcare providers and health plans, might be served with subpoenas and discovery requests. It is important to know how to manage the release or disclosure of patient information subject to these requests.
Read more »
-
ECJ Invalidates the EU-U.S. Privacy Shield as Adequate Transfer Mechanism Posted on: July 16, 2020 In: Data Privacy & Cybersecurity
In a ruling issued on July 16, 2020, the European Court of Justice (ECJ) invalidated the EU-U.S. Privacy Shield – a primary mechanism available to companies exporting personal data from the European Economic Area (EEA) to the United States.
Read more »
-
A Time for Reflection: Advisen’s 2020 Cyber Law Firm of the Year Award Posted on: July 15, 2020 In: Data Privacy & Cybersecurity
Lewis Brisbois' Data Privacy & Cybersecurity Team recently received Advisen’s 2020 “Cyber Law Firm of the Year” award for the second year in a row. We are proud of this accomplishment and grateful for Advisen’s recognition, as well as the dedication of our attorneys and industry partners. Receiving this honor provides us with more than simply a reason to celebrate. It also gives us a chance to reflect upon the work that we performed last year and to determine how best to serve our clients in the future.
Read more »
-
Accounting Firms: Confirming Security of Client Information After Reports of Tax Fraud Posted on: July 14, 2020 In: Data Privacy & Cybersecurity
The July 15, 2020 extended tax-filing deadline is upon us. Accounting and tax preparation firms are squarely in the crosshairs of opportunistic cyber criminals looking to obtain and exploit sensitive information for the purposes of committing tax fraud. Unfortunately, thousands of Americans will see fraudulent tax returns filed in their names this year, and the accounting firm that files the client’s taxes is often the most obvious target for blame, but the source of the tax exploit may not be as obvious.
Read more »
-
Business Email Compromise Attacks on the Rise in 2020 Posted on: June 18, 2020 In: COVID-19 Response, Data Privacy & Cybersecurity
A business email compromise (BEC) is a cyber crime that utilizes access to an organization’s email to defraud that organization and its employees, customers, or partners. In 2020, COVID-19 has provided attackers with a new source for BEC exploits. Attackers are taking advantage of the need for communications surrounding COVID-19 and increased remote work connections from employee home networks to their employers’ corporate networks.
Read more »
-
California AG Submits CCPA Regulations for Final Approval, Paving the Way Toward Enforcement Posted on: June 03, 2020 In: Data Privacy & Cybersecurity
On Monday, June 1, 2020, the California Attorney General’s Office announced that it had submitted the final version of its proposed regulations under the California Consumer Privacy Act (CCPA) to the California Office of Administrative Law (OAL) for review and approval.
Read more »
-
Legislative Alert: Washington Expands Definition of Personal Information for Public Agencies Posted on: April 22, 2020 In: Data Privacy & Cybersecurity
On March 18, 2020, Washington State Governor Jay Inslee signed into law Senate Bill 6187, which amends the state’s security breach notification statute as applicable to state and local agencies by expanding the definition of “personal information” to include the last four digits of an individual’s Social Security number.
Read more »
-
Legislative Alert: D.C. Passes Security Breach Protection Amendment Act, Creating New Notice Requirements and Cybersecurity Safeguards Posted on: April 17, 2020 In: Data Privacy & Cybersecurity
On March 26, 2020, District of Columbia Mayor Muriel Bowser signed into law Act 23-268, known as the “Security Breach Protection Amendment Act of 2020.” The Act, which amends section 28 of Chapter 38 of the District of Columbia Code, broadens the existing definition of “personal information,” increases the breach notice contents requirements, provides attorney general notice requirements, and mandates cybersecurity safeguards.
Read more »
-
Accounting Firm Vulnerability During Tax Season – Now Extended to July 15 Posted on: April 16, 2020 In: COVID-19 Response, Data Privacy & Cybersecurity
Last month, the IRS extended the usual April 15 tax filing deadline to July 15. While this brings relief to those facing financial hardship due to the COVID-19 pandemic, it also extends the window of opportunity for cybercriminals to attack accounting firms.
Read more »
-
Remaining Vigilant Against State-Sponsored Cyberattacks Posted on: April 15, 2020 In: Data Privacy & Cybersecurity
State-sponsored cyberattacks have increased in recent years. These attacks, which are supported and funded by foreign governments, typically reflect geopolitical dynamics, with hacking campaigns often emerging following international conflicts. Frequently, the nations responsible for cyberattacks seek to achieve specific goals through their hacking campaigns. Their objectives may include conducting economic espionage or disrupting another nation’s political or economic stability.
Read more »