Data Privacy & Cybersecurity PracticeOn March 2, 2021, Microsoft released a new patch to address four zero-day exploits being used to attack on-premises Microsoft Exchange Servers. The United States Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) has urged vulnerable businesses to read Microsoft’s update and apply patches to their systems as necessary.
Read more »Tag: data privacy
-
ALERT: Zero-Day Vulnerabilities Being Exploited to Attack On-Premises Microsoft Exchange Servers Posted on: March 04, 2021 In: Data Privacy & Cybersecurity
-
Virginia’s Consumer Data Protection Act: Not Quite The CCPA Posted on: March 02, 2021 In: Data Privacy & CybersecurityThough it seems Virginia is following California’s lead by becoming the second state with its own comprehensive data privacy legislation, Virginia’s Consumer Data Protection Act (CDPA) diverges from the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) in that it is far more business-friendly and does not have the “teeth” that the CCPA does.
Read more »
-
Canada Introduces Legislation to Revamp Federal Privacy Landscape Posted on: February 16, 2021 In: Data Privacy & CybersecurityThe Canadian House of Commons introduced draft legislation that, if enacted, would align federal Canadian privacy law with the European Union’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). The draft legislation, titled the Consumer Privacy Protection Act (CPPA), proposes significant advancements to the current legal regime governing personal data.
Read more »
-
Top Five Cybersecurity Suggestions for 2021 Posted on: February 12, 2021 In: Data Privacy & CybersecurityAs hard as it is to believe, we are already more than a month into 2021 – and our Data Privacy & Cybersecurity Team is well on its way to managing over 2,000 data security incidents this year. It serves as an important reminder that a few cybersecurity suggestions can have a big impact as we embrace the months to come. The following are our top five suggestions to enhance the security of your network, detect intruders more quickly, and reduce the scope and expense of data security events this year.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part V: New & Expanded Consumer Rights Posted on: February 08, 2021 In: Data Privacy & CybersecurityThe newly-passed California Privacy Rights Act (CPRA) includes additional and expanded consumer rights not currently existing under the California Consumer Privacy Act (CCPA). This fifth installment in our series about the changes to the CCPA brought by the CPRA focuses on consumers’ new rights of correction and access to certain personal information and revisions to certain existing consumer rights in the CCPA, including rights to know (and access), deletion, non-discrimination, and rights for minors.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part IV: Data Minimization & Retention Posted on: January 26, 2021 In: Data Privacy & CybersecurityThe fourth installment in our ongoing series about changes to the California Consumer Privacy Act (CCPA) focuses on the new data minimization and data retention requirements for subject businesses created by the passage of the California Privacy Rights Act (CPRA) on November 3, 2020. These provisions also obligate subject entities to implement business-wide internal policy changes to accommodate the possible need to change their data collection and retention policies before the CPRA is fully operative.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape, Part II: CPRA’s Covered “Businesses” & Exemptions Posted on: December 29, 2020 In: Data Privacy & CybersecurityCalifornia voters’ approval of the California Privacy Rights Act (CPRA), a privacy ballot initiative that amends and expands the California Consumer Privacy Act (CCPA), is a significant development in the U.S. privacy world. In this second installment of our Digital Insights series on the major changes effected by the CPRA, we discuss what qualifies as a regulated "business" under the Act, and what data exemptions exist.
Read more »
-
CCPA 2.0 and the Changing Privacy Landscape: CPRA’s Definition and Treatment of “Sensitive Personal Information” Posted on: December 23, 2020 In: Data Privacy & CybersecurityOn November 3, 2020, Californians approved Proposition 24, a ballot measure creating the California Privacy Rights Act (CPRA), which amends and expands the provisions and requirements of the California Consumer Privacy Act (CCPA). In this Digital Insights series on the CPRA, we will highlight and detail some of the most substantive and important modifications the new law will impose on the CCPA, and what those changes mean to businesses subject to California’s ever-evolving privacy regime.
Read more »
-
Legislative Alert: California Passes Genetic Information Privacy Act Posted on: September 24, 2020 In: Data Privacy & CybersecurityOn August 31, 2020, the California Senate passed SB 980, establishing the Genetic Information Privacy Act, which would require direct-to-consumer genetic testing companies to comply with certain privacy and data security provisions. Whether the Act is ultimately signed into law and made a part of the California privacy landscape remains to be seen. Yet it is the latest effort by The Golden State to impose additional data privacy restrictions and extend rights to consumers concerning personal information.
Read more »
-
California Legislature Extends CCPA Exemptions for Employees’ Personal Information & “Business-to-Business” Exchanges to 2022 Posted on: September 24, 2020 In: Data Privacy & CybersecurityBut for limited exemptions added to the California Consumer Privacy Act (CCPA) last year, personal information exchanged in the employment context, and personal information collected through “business-to-business” exchanges, would be subject to all requirements of the CCPA. Those exemptions were set to expire next year. However, the California legislature has recently voted, through Assembly Bill 1281, to extend the exemptions until January 1, 2022.
Read more »
-
A Time for Reflection: Advisen’s 2020 Cyber Law Firm of the Year Award Posted on: July 15, 2020 In: Data Privacy & CybersecurityLewis Brisbois' Data Privacy & Cybersecurity Team recently received Advisen’s 2020 “Cyber Law Firm of the Year” award for the second year in a row. We are proud of this accomplishment and grateful for Advisen’s recognition, as well as the dedication of our attorneys and industry partners. Receiving this honor provides us with more than simply a reason to celebrate. It also gives us a chance to reflect upon the work that we performed last year and to determine how best to serve our clients in the future.
Read more »
-
Business Email Compromise Attacks on the Rise in 2020 Posted on: June 18, 2020 In: Data Privacy & CybersecurityA business email compromise (BEC) is a cyber crime that utilizes access to an organization’s email to defraud that organization and its employees, customers, or partners. In 2020, COVID-19 has provided attackers with a new source for BEC exploits. Attackers are taking advantage of the need for communications surrounding COVID-19 and increased remote work connections from employee home networks to their employers’ corporate networks.
Read more »
Blog Search
Featured Posts
- December 04, 2020 Respect and Communication: Pathways to Productive and Satisfied Employees
- December 03, 2020 The Second Wave is Here – N.J. Executive Order 192 Imposes New Pandemic-Related Requirements for Employers
- November 10, 2020 California Voters Make CCPA 2.0 a Reality – California Privacy Rights Act Ballot Measure Passes
- May 29, 2020 Seventh Circuit Court of Appeals Recent Decision in Molson-Coors v. Anheuser-Busch Affirms Lesson: Choose Words Wisely
Blog Tags
alabama
arkansas
audit
biometric data
breach notification
california
canada
ccpa
client notification
colorado
congress
consumer consent
consumer notification
consumer rights
coronavirus
covid-19
cpra
credit card fraud
credit report
cryptocurrency
cybersecurity
cyber threat
data breach
data privacy
data privacy act
data security
dmarc
ecj
electronic information
electronic protected health information
email
employment
equifax
eu
eu-u.s. privacy shield
european unioin
european union
executive order
fbi
fcra
federal trade commission
fraud
gdpr
hacker
hacking
healthcare
hhs ocr
hhsocr
hipaa
holiday season
hssocr
human resources
identity theft
illinois
incident response
information security
internet service provider
irs
legislation
legislative alert
malware
managed service providers
maryland
meltdown
michigan
microsoft office 365
money service business
multi-factor authentication
multi-factor identification
new jersey
new mexico
new york
ninth circuit
nist framework
nist security controls
online operators
opt out
passwords
personal data
personal information
phishing
protected health information
ransomware
regulations
security rule
social engineering
social media
spectre
statute
supreme court
tax returns
twea
utah
video-teleconferencing
virginia
w2
washington
websites
workplace policy
zoom