Data Privacy & Cybersecurity PracticeOn October 11, 2019, California Governor Gavin Newsom signed into law Assembly Bill 1130, which amends The Information Practices Act of 1977, as well as California Civil Code §§ 1798.29, 1798.81.5 and 1798.82. The bill expands the definition of “personal information” under the California data breach notification statutes applicable to businesses and to government agencies.
Read more »Tag: personal data
-
Legislative Alert: California Expands Definition of Personal Information Posted on: November 01, 2019 In: Data Privacy & Cybersecurity
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 3 of 3: Trends and Planning – What it All Means Posted on: June 07, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Protection Act (CCPA) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. The final installment of this three-part series will cover trends and planning.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 2 of 3: General Observations on Pending Amendments to the CCPA Posted on: June 05, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Protection Act (“CCPA”) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. Part 2 of this three-part series will look at pending amendments to the CCPA.
Read more »
-
CCPA’s Final Requirements in Flux, with Six Months to Go to Comply - Part 1 of 3: Where Does the Law Stand Now? Posted on: June 03, 2019 In: Data Privacy & CybersecurityOn June 28, 2018, the state of California enacted and then-Governor Jerry Brown signed the California Consumer Protection Act (CCPA) into law. The CCPA is a robust piece of legislation that substantially expanded the privacy rights of California residents regarding the collection, use, sale, and disclosure of their personal information by certain for-profit businesses that operate or do business in California. Part 1 of this three-part series will examine the current state of the law.
Read more »
-
HIPAA Breach Reporting: Focus on Remediation in Responding to an HHS/OCR Investigation Posted on: February 25, 2019 In: Data Privacy & CybersecurityLast year was another banner year for HIPAA data breaches reported to the Department of Human Services Office of Civil Rights (HHS/OCR), and the reporting period hasn’t yet closed, as organizations experiencing breaches affecting fewer than 500 individuals have until 60 days after the end of the calendar year in which the breach occurred to make the report.
Read more »
-
Massachusetts Amends Data Breach Law Notice Requirements, Mandates Credit Monitoring Services Posted on: January 24, 2019 In: Data Privacy & CybersecurityMassachusetts recently updated its breach notification statute, requiring an organization to provide additional services for individuals and greater disclosures to state regulators when a data breach occurs. The changes go into effect on April 10, 2019
Read more »
-
Modlishka – Exploiting Two-Factor Authentication Posted on: January 22, 2019 In: Data Privacy & CybersecurityTwo-factor authentication (2FA) is a commonly used means of securing access to website accounts through easily understood login procedures. Once the user provides the required information, whether a password or site generated code, a session cookie is generated and a secure session is established between the user and the site. But what if an unauthorized person eavesdrops and collects the 2FA information or session cookie?
Read more »
-
Cybersecurity Resolutions for 2019 Posted on: December 28, 2018 In: Data Privacy & CybersecurityA new year is upon us, which means people across the world will resolve to exercise more, eat healthier, eliminate financial debt and, most importantly, enhance their cybersecurity over the coming year. More than the typical New Year’s resolutions, improving your individual and corporate cybersecurity defenses can be easier to achieve and sustain. With that in mind, here are a few cybersecurity resolutions to add to your new year’s list, and a few tips for achieving them in 2019.
Read more »
-
California Enacts Sweeping, EU-Style Privacy Law Posted on: July 06, 2018 In: Data Privacy & CybersecurityOn June 28, 2018, California Governor Jerry Brown signed A.B. 375 into law, a robust bill that provides substantially broader privacy rights to California consumers regarding how certain businesses can collect, use, sell, and disclose their personal information. The new law requires such businesses to be more transparent in their data collection and sharing practices.
Read more »
-
GDPR, Part VII: A Brief Guide to the GDPR Posted on: May 02, 2018 In: Data Privacy & CybersecurityOn May 25, 2018, the European Union’s General Data Protection Regulation (GDPR) will take effect. The primary objectives of the GDPR are to return control of “personal data” to EU citizens and residents and to simplify the regulatory environment for international business by unifying regulations within the EU.
Read more »
-
GDPR, Part IV: The Data Subject Consent Provisions Posted on: November 21, 2017 In: Data Privacy & CybersecurityWith the forthcoming General Data Protection Regulation (GDPR) set to change the cybersecurity landscape of data collection and storage in the European Union (EU), one of the most important areas that organizations processing or storing EU citizens' data will need to ensure they are complying with is the GDPR's consent guidelines.
Read more »
-
GDPR, Part II: Personal Data Breach Notification Requirements Posted on: November 01, 2017 In: Data Privacy & CybersecurityThis seven-part series analyzes the ways in which the General Data Protection Regulation (GDPR), which goes into effect May 25, 2018, will impact the regulatory landscape for entities doing business with, or transacting in the data of European Union citizens. The first part of the series provides an overview of the history of pre-GDPR European data protection law. Future installments will each address a discrete aspect of the GDPR itself.
Read more »
Blog Search
Featured Posts
- November 05, 2019 Equal Pay and Barbie Dolls
- October 18, 2019 Four Employment Policy Pitfalls for Multi-Jurisdiction Businesses to Avoid
- October 17, 2019 I Can’t Get Sued for Posting a Picture of Myself on Social Media… Can I?
- September 23, 2019 Protecting Your Trade Secrets in the European Union
- September 09, 2019 Ransomware Attack Trends: Tips for Prevention & Response
Blog Tags
2fa
alabama
american bar association
arkansas
audit
biometric data
bipa
breach notification
california
canada
ccpa
client notification
colorado
congress
consent order
consumer consent
consumer notification
credit card fraud
credit report
critical security controls
cryptocurrency
cryptojacking
cybersecurity
cyber threat
data breach
data privacy
data privacy act
data security
department of financial services
digital forensics
dmarc
electronic information
electronic protected health information
employment
equifax
eu
eu-u.s. privacy shield
european parliament
european unioin
european union
fbi
fcra
federal trade commission
fines
forensics
fraud
fraud alert
gdpr
hacking
hhsocr
hippa
human resources
identity theft
illinois
incident response
internet service provider
irs
it
it professionals
legislative alert
malware
managed service providers
manufacturing
maryland
meltdown
michigan
microsoft office 365
model law
modlishka
money service business
multi-factor identification
naic
new jersey
new mexico
new york
ninth circuit
nist framework
nist security controls
oregon
passwords
personal data
personal information
phishing
pipeda
ransomware
regulations
security rule
social engineering
social media
south dakota
spectre
statute
supervisory authorities
supreme court
tax preparers
tax returns
utah
virginia
washington
workplace policy