News & Analysis as of

Data Protection Reporting Requirements

A&O Shearman

Zooming in on AI – #10: EU AI Act – What are the obligations for “high-risk AI systems”?

A&O Shearman on

Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more

Harris Beach PLLC

Key Considerations for Selling AI Software to the Government

Harris Beach PLLC on

The federal government is the biggest purchaser in America and that extends to the SaaS space. On September 24, 2024, the Office of Management and Budget (OMB) released Memorandum M-24-18, offering updated guidelines for the...more

Troutman Pepper

SEC Cybersecurity Incidents Disclosures: Materiality, Decryptors, and Ransom Payments - Dear Mary – Incidents + Investigations...

Troutman Pepper on

I work for a public company that recently experienced a ransomware attack. Fortunately, we were able to restore our business operations quickly by obtaining a decryption key from the threat actor. Given that we managed to get...more

J.S. Held

Benefits of a vCISO in the Age of AI-Driven Cyberattacks

J.S. Held on

Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more

Eversheds Sutherland (US) LLP

Global ESG Insights - May 2024

Welcome to the latest edition of our monthly ESG Insights providing you with a summary of the key developments from around the world. Global - IFRS Foundation releases jurisdictional adoption guide for ISSB Standards- On...more

Akerman LLP - Health Law Rx

FTC’s Updated Health Breach Notification Rule Puts Health App Developers on Notice

The Federal Trade Commission’s (FTC) years-long effort to modernize its Health Breach Notification Rule (HBNR) in the midst of a swiftly changing technological landscape appears to be coming to an end. On Thursday, May 30,...more

Katten Muchin Rosenman LLP

Canada's Privacy Regulator Lauches New Tools for Data Breach Reporting

On May 24, 2024, the Office of the Information and Privacy Commissioner of Canada (OPC) issued new guidance relating to data breach reporting for federal institutions and businesses....more

Littler

On the Horizon: Two New EU Directives for UK and Irish Employers

Littler on

On April 24, 2024, the European Parliament adopted the final text of two new directives, namely: the Platform Work Directive, aimed at improving working conditions and protection of personal data for those engaged in...more

Foley Hoag LLP - Security, Privacy and the...

SEC Revamps and Enhances Data Protections with Amendments to Regulation S-P

The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more

PilieroMazza PLLC

Coming Soon! CISA’s Proposed Rule on Government-wide Cybersecurity Reporting Requirements for Contractors

PilieroMazza PLLC on

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more

Blake, Cassels & Graydon LLP

Projet de loi 194 de l’Ontario : Réforme de la LAIPVP et nouvelles exigences de signalement des atteintes à la vie privée

Le 13 mai 2024, le gouvernement de l’Ontario (le « gouvernement ») a déposé le projet de loi 194, Loi de 2024 visant à renforcer la cybersécurité et la confiance dans le secteur public (le « projet de loi 194 »). S’il est...more

Carlton Fields

4 Tips for Health Tech Apps After the FTC’s Revised Breach Notification Rule

Carlton Fields on

On April 26, the Federal Trade Commission announced its final rule updating the health breach notification rule. According to the FTC, the update seeks to “clarify” the scope of the rule by adding new definitions and revising...more

Blake, Cassels & Graydon LLP

New Ontario Bill 194 to Reform FIPPA and Introduce Mandatory Privacy Breach Reporting

On May 13, 2024, the Government of Ontario introduced Bill 194, the Strengthening Cyber Security and Building Trust in the Public Sector Act, 2024 (Bill 194), which, if passed, will significantly reform the Freedom of...more

Constangy, Brooks, Smith & Prophete, LLP

Utah amends data breach reporting requirements

The State of Utah recently amended its general data breach notification statute to update the content that must be reported to the Utah Attorney General or the Utah Cyber Center. The amendments also clarify when notifications...more

Bass, Berry & Sims PLC

Department of Defense Issues Class Deviation Delaying Application of NIST SP 800-171, Revision 3

On May 2, the Department of Defense (DOD) issued a class deviation to DFARS 252.204-7012 “to provide industry time for a more deliberate transition upon the forthcoming release of [National Institute of Standards and...more

NAVEX

Don't Be the Weakest Link – Your Team's Crucial Role in Cybersecurity

NAVEX on

Cybersecurity success depends on more than just technology. As we’ve seen in part one and part two of this series on cybersecurity risk, the costs of a cyber attack are high – and bad actors always look for the easiest entry...more

Sheppard Mullin Richter & Hampton LLP

Utah Breach Notice Law Amended, Effective May 1

Utah, among other privacy laws it has enacted or modified recently, has also modified its breach notification law. This follows last year’s changes to the law, which among other things codified the state’s Cyber Center....more

Ankura

The EU’s AI Act: Obligations of AI Users and GDPR Article 35

Ankura on

In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our article titled An Introduction to the EU AI Act, we focused on applicability, thresholds, timing, and penalties related to the EU...more

King & Spalding

Department of Homeland Security Proposes Rule for Reporting of Cyber Incidents

King & Spalding on

On April 4, 2024, the Cybersecurity and Infrastructure Security Agency (“CISA”) published for public comment a long-awaited proposed rule to implement the Cyber Incident Reporting for Critical Infrastructure Act of 2022...more

Mintz - Privacy & Cybersecurity Viewpoints

New Jersey Adopts a Comprehensive Data Privacy Law

2023 was a record-breaking year, with legislators in Delaware, Indiana, Iowa, Montana, Oregon, Tennessee and Texas passing comprehensive data privacy laws, joining California, Colorado, Connecticut, Utah and Virginia. Already...more

Hinckley Allen

Navigating Profound Change: CISA Announces Proposed Rule for Mandated Cyber Incident Reporting

Hinckley Allen on

In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more

Skadden, Arps, Slate, Meagher & Flom LLP

Hot Topics: AI and ESG

The US Government Is Using AI To Detect Potential Wrongdoing, and Companies Should Too With agencies such as the SEC and DOJ using AI and other data analytics tools extensively to detect wrongdoing, companies need to adopt...more

Orrick, Herrington & Sutcliffe LLP

Utah enshrines two acts to create cybersecurity notification guidelines

On March 19, Utah enacted SB 98 which amended the state’s online data security and privacy requirements. SB 98 will include new protocols that individuals and governmental entities must follow under its data breach reporting...more

Lowenstein Sandler LLP

Data Protection Demands Complicate CTA Compliance

Lowenstein Sandler LLP on

On Jan. 1, the Corporate Transparency Act (CTA) went into effect, premised on the belief that illicit actors use corporate structures like shell companies and fronts to hide their identities and launder criminal proceeds...more

Alston & Bird

Top 10 Issues General Counsel Need to Know About Ransomware in 2024

Alston & Bird on

Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more

160 Results
 / 
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide