Washington State will soon pass a law that will overhaul its data breach notification requirements, beginning in March 2020. House Bill 1071, which passed both of Washington’s legislative chambers, was presented to Governor Jay Inslee in late April, and the governor is widely expected to sign the bill into law. The bill includes four significant changes to Washington’s existing data breach notification requirements.
Read more »Tag: data breach
-
Legislative Alert: Updates to Washington Breach Notification Statute Expected Posted on: May 07, 2019 In: Data Privacy & Cybersecurity
-
The Threat Sitting Next To You: Defending Cyber Insider Attacks Posted on: May 03, 2019 In: Data Privacy & Cybersecurity
Each year, companies wisely invest in advanced perimeter security devices and software to secure their electronic data and thwart cyber attacks. Unfortunately, despite that well-reasoned approach, the greatest threat to data security may be someone within the organization’s own walls.
Read more »
-
Ransomware: Recommendations for Preparation and Response Posted on: January 03, 2019 In: Data Privacy & Cybersecurity
The response to an encryption attack can be very difficult. Encrypted critical data usually places a business in a crisis with no ability – or an extremely limited ability – to conduct basic operations. Too few organizations have developed incident response plans providing for contingent or out-of-band communications. Often, before consulting any incident response experts, the victim business has communicated with the attacker and revealed information that the attacker is able to leverage in negotiations.
Read more »
-
Cybersecurity Resolutions for 2019 Posted on: December 28, 2018 In: Data Privacy & Cybersecurity
A new year is upon us, which means people across the world will resolve to exercise more, eat healthier, eliminate financial debt and, most importantly, enhance their cybersecurity over the coming year. More than the typical New Year’s resolutions, improving your individual and corporate cybersecurity defenses can be easier to achieve and sustain. With that in mind, here are a few cybersecurity resolutions to add to your new year’s list, and a few tips for achieving them in 2019.
Read more »
-
New Canadian Data Breach Notification Requirements Take Effect as PIPEDA Amendments Come Into Force Posted on: October 31, 2018 In: Data Privacy & Cybersecurity
On November 1, 2018, the long-awaited amendments to Canada’s main federal data privacy law, the Personal Information Protection and Electronic Documents Act (PIPEDA), take effect.
Read more »
-
American Bar Association Issues Data Breach Guidance Posted on: October 23, 2018 In: Data Privacy & Cybersecurity
On October 17, 2018, the American Bar Association (ABA) released Formal Opinion 483 (the Opinion) which formally recognized that lawyers have an ethical duty to notify clients whose confidential information is compromised by a data breach.
Read more »
-
California Legislature Passes Benefit Reimbursement Law for Data Breach Victims Posted on: September 10, 2018 In: Data Privacy & Cybersecurity
The California legislature, in recognizing the vulnerability of state information systems to exploitation by malicious actors, recently passed legislation allowing state benefits to be reimbursed to affected persons if benefits are stolen through a data breach.
Read more »
-
Equifax Agrees to New Data Security Measures in Consent Order with Eight State Regulatory Agencies Posted on: July 25, 2018 In: Data Privacy & Cybersecurity
On September 7, 2017, the consumer reporting agency Equifax announced one of the most highly publicized cybersecurity incidents in history, which may have exposed more than 143 million Americans’ personally identifiable information (PII). Equifax claimed that malicious actors gained unauthorized access to certain files containing consumers’ PII, including Social Security numbers and payment card information, between May and July of 2017.
Read more »
-
Colorado Amends Data Breach Notification Statute Posted on: June 18, 2018 In: Data Privacy & Cybersecurity
On May 29, 2018, Colorado Governor John Hickenlooper signed House Bill (“HB”) 1128 into law, amending the State’s data breach notification statute and imposing significant new requirements on entities that must notify Colorado residents of a data incident pursuant to Colo. Rev. Stat. § 6-1-716.
Read more »
-
The United States of Data Breach Notification Posted on: April 10, 2018 In: Data Privacy & Cybersecurity
The absence of comprehensive federal legislation on data breach notification has led to the development of a patchwork of state laws to ensure that individuals receive timely notification of data breaches that might impact their personal data.
Read more »
-
Oregon Amends Data Breach Notification Law Posted on: April 09, 2018 In: Data Privacy & Cybersecurity
In March 2018, Oregon Governor Kate Brown signed into law new measures to strengthen the state’s existing data breach notification statute, ORS § 646A.604. The legislation is set to take effect in June 2018 and, among other things, will require organizations that experience a data breach affecting Oregon residents to notify affected individuals of the data breach within 45 days of its discovery, unless asked to delay notification by law enforcement.
Read more »
-
Virginia Imposes New Breach Notification Requirements on Tax Preparers Posted on: March 16, 2018 In: Data Privacy & Cybersecurity
On Friday, March 9, 2018, Virginia Governor Ralph Northam signed H.B. 183, which imposes data breach notification requirements on certain tax preparers. The bill, introduced by Delegate Hala S. Ayala, had unanimous support in both the Virginia House and Senate.
Read more »