Starting Jan. 15, 2025, the New Jersey Data Protection Act (the “Act”) goes into effect. If you are thinking, “Yawn, yet another state privacy law that reads like gibberish but luckily doesn’t affect my company,” you may be...more
3/4/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
New Jersey ,
New Legislation ,
State Data Privacy Laws ,
State Privacy Laws
In a first for both cybersecurity and securities law, a ransomware company filed a complaint with the U.S. Securities and Exchange Commission (“SEC”) against its own hacking victim for failure to disclose the hack itself. The...more
Paying the $1.3 million fine is the easy part. Complying with the CAP is a different undertaking.
On Sept. 11, 2023, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced an...more
9/19/2023
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Fines ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Violations ,
Hospitals ,
Physicians
On Aug. 2, we distributed an alert about the U.S. Securities and Exchange Commission’s (SEC) July 26, 2023, adoption of the Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. Our focus in that...more
“Material Cybersecurity Incident” Standard Will Have a Monumental Impact on Current Cyber Disclosure Requirements -
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted the Cybersecurity Risk...more
In a significant milestone for EU-U.S. cross-border transfers of personal data under Article 45 of the General Data Protection Regulation (GDPR), the European Commission adopted an adequacy decision for the new EU-U.S. Data...more