alabama arkansas audit biometric data bitcoin breach notification california ccpa client notification colorado congress consumer notification coronavirus covid-19 cpra credit reporting cryptocurrency cybersecurity cyber threat data breach data privacy data privacy directive data protection officer data security department of commerce dhs district of columbia email employment equifax ethereum eu eu-u.s. privacy shield european union executive order fbi fcra federal communication federal trade commission financial fraud kill chain forensics fraud gdpr hacking healthcare hhsocr hipaa holiday season hospitals human resources identity theft illinois incidence response plan incident response planning information security insider attacks internet crime irs legislative alert malware managed service providers manufacturing maryland medicaid medicare microsoft office 365 multi-factor identification net neutrality new jersey new mexico new york ninth circuit nist security controls nydfs patching personal data personal information phishing protected health information ransomware rdp regulations security posture assessment service provider agreement social engineering social media statute supreme court tax return tax returns tennessee third party utah video-teleconferencing virginia w2 washington websites workplace policy zoom