State legislatures continue to take privacy matters into their own hands while talks of a federal privacy law linger. Indiana is set to become the seventh state to enact a comprehensive privacy law when Senate Bill No. 5 is...more
Washington State (“Washington”) is preparing to break new ground in the privacy law space, as its legislature finalizes the “My Health My Data Act“ which will further regulate how health data of Washington residents should be...more
On March 30, 2023, the California Office of Administrative Law (OAL) formally approved regulations that will govern the applicability and enforcement of the California Privacy Rights Act (CPRA)....more
As we continue to wait for a potential federal privacy law, the State of Iowa became the sixth state to pass a comprehensive state privacy law (Senate File 262) on March 28th when Governor Kim Reynolds signed the legislation....more
On March 3, 2023, the White House released the National Cybersecurity Strategy. The White House described this as the blueprint for a long-term effort by the Biden administration in cooperation with Congress and the private...more
Last week the Illinois Supreme Court issued its long awaited opinion in the Cothron v. White Castle System, Inc. In Cothron, the Seventh Circuit Court of Appeals had certified a question of Illinois law to the Illinois...more
On December 21, 2022, the Colorado Attorney General (“AG”) issued its latest set of draft regulations for the Colorado Privacy Act, which takes effect on July 1, 2023. The draft regulations revise an earlier set published on...more
On October 7th, the long-awaited Executive Order on Enhancing Safeguards for United States Signals Intelligence Activities was signed by U.S. President Joe Biden (Fact Sheet located here). The Executive Order directed the...more
On March 1, 2017, New York’s Department of Financial Services (“NYDFS”) implemented a comprehensive cybersecurity regulation aimed at financial institutions (the “Cybersecurity Regulation”)....more
What are the new rules?
Earlier this year, the Securities and Exchange Commission (“SEC”) published a new set of proposed cybersecurity disclosure rules for public companies. The proposed rules would significantly increase...more
Throughout 2022, we continue to see regulators placing an emphasis on the importance of protecting and securing information, in particular consumer personal information, at both the federal and state levels.
...more
10/6/2022
/ Breach Notification Rule ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Employee Training ,
Encryption ,
Health Insurance Portability and Accountability Act (HIPAA) ,
NYDFS ,
Opt-Outs ,
Popular ,
Private Right of Action ,
Proposed Amendments ,
Risk Assessment ,
Securities and Exchange Commission (SEC) ,
State Privacy Laws
Over the last two years, many states have taken cues from California and the EU by adopting sweeping privacy laws. These laws, passed in Virginia, Colorado, Connecticut and Utah, as well as updates to the already enacted...more