The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
No Password Required: Founder of Cybersafe Foundation and an Obama Foundation Africa Leaders Fellow, Who Is Comfortable in the API Kitchen
Podcast - Robots, Rights and New Tech: Balancing Innovation and Data Privacy
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 211: Cybersecurity and Privacy Risks for the Healthcare Industry with Brandon Robinson of Maynard Nexsen
The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
The US privacy legal landscape continues to expand in 2024, with most of the momentum led by state laws. ...more
23andMe agreed to pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
In today’s digital landscape, many organizations may face the unfortunate reality of a data breach. This second installment of a five-part series on employee data privacy will explore the key areas of risk that human...more
Getting the business to say “yes” to data privacy isn’t easy. Yet it remains one of the central tasks a data privacy professional must undertake. After all, you can’t protect consumers, protect your organization, and achieve...more
In a recent federal case from New York, the court dealt a blow to plaintiffs suing over data breaches. The plaintiffs had filed a putative class action suit, alleging that they (and others like them) had been harmed by the...more
This webinar focuses on the privacy, security, regulatory, and litigation landscape that the healthcare sector is facing in in the privacy and cybersecurity arena. Leveraging Polsinelli’s experience working with healthcare...more
On August 27, the U.S. District Court for the Eastern District of North Carolina granted a plaintiff’s unopposed motion for preliminary approval of a class action settlement related to an insurance company’s data breach that...more
When a prominent cloud storage company recently suffered a critical data breach that quickly developed into one of the largest data breaches of all time, it served as a wake-up call to companies to ensure that their data...more
Companies doing business in Mexico should review relevant policies and practices to ensure they align with the country’s comprehensive data privacy framework. Specifically, you’ll want to assess your privacy notices, data...more
A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more
The recent indictment of Maksim Silnikau, a Belarusian and Ukrainian national, is a clear reminder that cybercriminals are becoming more sophisticated and bold....more
The Federal Trade Commission (FTC) has updated its Health Breach Notification Rule that applies to non-HIPAA, consumer health data. Among the revisions, the FTC expanded or introduced key definitions and modified the...more
Le 4 juillet 2024, la Cour d’appel de la Colombie-Britannique (la « CACB ») a rendu deux jugements d’appel en matière d’actions collectives dans des contextes de fuite de données. Ce faisant, la CACB a clarifié la portée...more
Pennsylvania recently amended their data breach notification law in a way that turns the status quo on its head. The law, Senate Bill 824, adds an obligation to provide regulatory notice and tweaks the definition of personal...more
On July 4, 2024, the B.C. Court of Appeal issued a duo of class action appeal decisions considering the potential scope of statutory and common law privacy claims against data custodians that fall victim to cyberattacks in...more
Pennsylvania-based Geisinger Health System said it experienced a breach impacting more than 1.27 million patients when a former employee of vendor Nuance Communications Inc., a Microsoft Corp. subsidiary, accessed patient...more
To the surprise of some, Governor DeSantis recently vetoed a bill that would have provided businesses with a defense to claims arising from “cybersecurity incidents” that lead to data breaches – so long as they met a few...more
On July 1, 2024, the amendments to the Health Breach Notification Rule (HBNR) went into effect. First promulgated in 2009, the HBNR applies to vendors of personal health records — entities that are not covered by the Health...more
The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more
On July 29, 2024, the FTC’s revised Health Breach Notification Rule (HBNR) takes effect. The Rule requires vendors of personal health records (PHRs) and related entities not covered by HIPAA to notify individuals, the FTC,...more
In May 2024, the New York State Department of Health (“NYSDOH”) issued revisions to proposed regulations on hospital cybersecurity that it first released in November 2023. The proposed revised regulations are subject to...more
This year, the federal government has made significant changes to longstanding health care privacy rules, while state lawmakers continue to enact privacy restrictions on consumer health data. These reforms modify legal...more
SEC Fines the New York Stock Exchange’s Parent Company $10 million for Failure to Promptly Notify Its Subsidiaries of Cybersecurity Breach - On May 22, 2024, the Securities and Exchange Commission (“SEC”) imposed a $10...more
Class action lawsuits have been on a record-setting upward trend in recent years and they aren’t showing any signs of slowing. According to the Duane Morris Class Action Review 2024, settlement numbers reached unprecedented...more