The number of states enacting comprehensive privacy laws is growing, adding to the existing patchwork of privacy, security, and data breach notification laws that keep legal and compliance personnel busy. This five-part series will highlight key provisions in a few of the new comprehensive privacy laws and regulations. Each week we will examine laws in a new state and provide recommendations on what steps businesses should consider taking. In Part IV, we discuss the Connecticut Data Privacy Act.
Read more »Data Privacy & Cybersecurity
June 2022
-
Privacy Protection Patchwork, Part IV: How the Connecticut Data Privacy Act Could Impact Your Business Posted on: June 28, 2022 In: Data Privacy & Cybersecurity
-
The “Follina” Vulnerability: Microsoft Support Diagnostic Tool Alert for Zero Day Exploit CVE-2022-30190 Posted on: June 27, 2022 In: Data Privacy & Cybersecurity
On May 30, 2022, Microsoft issued an alert regarding a vulnerability in its Microsoft Support Diagnostic Tool that can be exploited using Microsoft Office documents and results in the unauthorized installation of programs or access to data.The vulnerability evades common protections associated with Microsoft Office documents, requires minimal user interaction, and can be used by a remote attacker to execute arbitrary code, escalate privileges to fully take over a machine, or deploy additional malware.
Read more »
-
North Carolina Prohibits Ransom Payments by State and Local Government Agencies Posted on: June 24, 2022 In: Data Privacy & Cybersecurity
North Carolina made national headlines recently as the first state to prohibit state agencies and local government entities from paying a ransom following an attack. But N.C. Gen. Stat. § 143-800 goes one step further, prohibiting those entities from even communicating with a threat actor following an attack.
Read more »
-
Privacy Protection Patchwork, Part III: What Your Business Should Know About Utah’s Consumer Privacy Act Posted on: June 20, 2022 In: Data Privacy & Cybersecurity
The number of states enacting comprehensive privacy laws is growing, adding to the existing patchwork of privacy, security, and data breach notification laws that keep legal and compliance personnel busy. This five-part series will highlight key provisions in a few of the new comprehensive privacy laws and regulations. Each week we will examine laws in a new state and provide recommendations on what steps businesses should consider taking. In Part III, we discuss the Utah Consumer Privacy Act.
Read more »
-
Privacy Protection Patchwork, Part II: How the Colorado Privacy Act Could Impact Your Business Posted on: June 13, 2022 In: Data Privacy & Cybersecurity
The number of states enacting comprehensive privacy laws is growing, adding to the existing patchwork of privacy, security, and data breach notification laws that keep legal and compliance personnel busy. This five-part series will highlight key provisions in a few of the new comprehensive privacy laws and regulations. Each week we will examine laws in a new state and provide recommendations on what steps businesses should consider taking. In Part II, we explore the Colorado Privacy Act.
Read more »
-
Privacy Protection Patchwork, Part I: New Comprehensive State Privacy Laws and How They Could Impact Your Business Posted on: June 06, 2022 In: Data Privacy & Cybersecurity
The number of states enacting comprehensive privacy laws is growing, adding to the existing patchwork of privacy, security, and data breach notification laws that keep legal and compliance personnel busy. This five-part series will highlight key provisions in a few of the new comprehensive privacy laws and regulations. Each week we will examine laws in a new state and provide recommendations on what steps businesses should consider taking. We begin with the Virginia Consumer Data Protection Act.
Read more »
-
CPPA Issues CPRA Draft Regulations Posted on: June 01, 2022 In: Data Privacy & Cybersecurity
On Friday, May 27, 2022, the California Privacy Protection Agency (CPPA) issued draft proposed regulations ahead of its June 8, 2022 board meeting. While these draft regulations are subject to public comment and may undergo extensive revisions before they are finalized, the draft rules provide some insight into the direction the CPPA is taking with regard to how businesses may collect and use personal information as well as the form and content for notices and disclosures to consumers.
Read more »