December is a busy time for businesses and individuals alike and the last thing anyone wants is more on their to-do list. However, we encourage organizations to take stock of their privacy program, and to pay particular attention to the new privacy laws that will become effective on January 1, 2023: the California Privacy Rights Act (CPRA) and the Virginia Consumer Data Protection Act (VCDPA). Businesses with operations in these states should assess whether the new laws apply to them and what to do next.
Read more »Tag: virginia
-
Just In Time: Last Minute Compliance Tips for the CPRA and VCDPA Posted on: December 06, 2022 In: Data Privacy & Cybersecurity
-
Privacy Protection Patchwork, Part I: New Comprehensive State Privacy Laws and How They Could Impact Your Business Posted on: June 06, 2022 In: Data Privacy & Cybersecurity
The number of states enacting comprehensive privacy laws is growing, adding to the existing patchwork of privacy, security, and data breach notification laws that keep legal and compliance personnel busy. This five-part series will highlight key provisions in a few of the new comprehensive privacy laws and regulations. Each week we will examine laws in a new state and provide recommendations on what steps businesses should consider taking. We begin with the Virginia Consumer Data Protection Act.
Read more »
-
Virginia’s Consumer Data Protection Act: Not Quite The CCPA Posted on: March 02, 2021 In: Data Privacy & Cybersecurity
Though it seems Virginia is following California’s lead by becoming the second state with its own comprehensive data privacy legislation, Virginia’s Consumer Data Protection Act (CDPA) diverges from the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) in that it is far more business-friendly and does not have the “teeth” that the CCPA does.
Read more »
-
Legislative Alert: Virginia Expands Insurance Data Security Requirements Posted on: March 31, 2020 In: Data Privacy & Cybersecurity
On February 25, 2020, the Virginia State Legislature passed House Bill 1334, the Insurance Data Security Act, which establishes data security requirements applicable to persons licensed by the insurance laws of the Commonwealth. Following on other state laws that have created data security regimes applicable to the insurance industry, the Virginia law requires licensees to maintain the security of information systems and nonpublic information.
Read more »
-
Virginia & Utah Amend Data Breach Statutes Posted on: April 09, 2019 In: Data Privacy & Cybersecurity
On March 18, 2019, the commonwealth of Virginia enacted House Bill (HB) 2396, amending the commonwealth’s data breach notification statute. Specifically, HB 2396 expanded the commonwealth’s definition of “personal information” sufficient to trigger a notification obligation following a data security incident. Effective July 1, 2019, “personal information” will be defined to include both passport number and military identification number in addition to those data sets that were previously regulated.
Read more »
-
Virginia Imposes New Breach Notification Requirements on Tax Preparers Posted on: March 16, 2018 In: Data Privacy & Cybersecurity
On Friday, March 9, 2018, Virginia Governor Ralph Northam signed H.B. 183, which imposes data breach notification requirements on certain tax preparers. The bill, introduced by Delegate Hala S. Ayala, had unanimous support in both the Virginia House and Senate.
Read more »
-
State of the (State) Data Breach Laws: 2017 Legislative Update, Part III Posted on: October 24, 2017 In: Data Privacy & Cybersecurity
With 2017 nearing its end, the legislative activity in most state capitals has wound down and the majority of legislatures have ended their 2017 sessions. In Part I and Part II of our series, we looked at how a number of states amended or enacted data breach notification-related legislation (Arkansas, Delaware, Maryland, New Mexico, and Tennessee).
Read more »