On April 14, 2025, the National Institute of Standards and Technology (NIST) released a draft update to the NIST Privacy Framework 1.1. The updates are meant to enhance organizations’ data governance and risk management and...more
Educational technology (EdTech) tools were critical during the COVID-19 pandemic and remain a key part of education, from digital textbooks and instructional material, to interactive applications for teachers, parents, and...more
10/31/2024
/ COPPA ,
Data Collection ,
EdTech ,
Educational Institutions ,
FERPA ,
Personal Data ,
Privacy Laws ,
Regulatory Agenda ,
SOPIPA ,
State Privacy Laws ,
Students ,
Technology Sector
The US Department of Defense (DoD) published a final rule codifying the Cybersecurity Maturity Model Certification (CMMC) Program. The final CMMC rule will apply to all DoD contractors and subcontractors that will process,...more
The US Department of Defense (DoD) took the next step in implementing the Cybersecurity Maturity Model Certification (CMMC) Program on August 15, 2024, when it issued a Proposed Rule to amend the Defense Federal Acquisition...more
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps...
On December 26, 2023, the US...more
4/26/2024
/ Certification Requirements ,
Comment Period ,
Cyber Incident Reporting ,
Cybersecurity ,
Cybersecurity Framework ,
Cybersecurity Maturity Model Certification (CMMC) ,
DCMA ,
Department of Defense (DOD) ,
DFARS ,
Federal Contractors ,
Regulatory Requirements ,
Risk Assessment ,
Risk Management
In this series of articles, we explore the different certification requirements of CMMC Levels 1, 2 and 3; the impact on contractors and external service providers; and proposed next steps...
On December 26, 2023, the US...more
In this series of articles, we explore the different certification requirements of CMMC Level 1, 2 and 3, the impact on contractors and external service providers, and proposed next steps...
On December 26, 2023, the US...more
1/9/2024
/ Certification Requirements ,
Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Defense Sector ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
NIST ,
Proposed Rules ,
Subcontractors
On December 26, 2023, the US Department of Defense (DoD) published its long-awaited proposed rule codifying the Cybersecurity Maturity Model Certification (CMMC) Program. The proposed CMMC rule will apply to all DoD...more
12/29/2023
/ Controlled Unclassified Information (CUI) ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Department of Defense (DOD) ,
DFARS ,
Federal Acquisition Regulations (FAR) ,
Federal Contractors ,
Popular ,
Proposed Rules ,
Regulatory Requirements ,
Security Controls
In February 2023, the Brazilian National Data Protection Authority (ANPD) published the rules for the application of sanctions and the methodology for calculating fines for violation of their General Data Protection Law...more
4/18/2023
/ Brazil ,
Continuing Legal Education ,
Corrective Actions ,
Data Privacy ,
Data Protection ,
Data Protection Authority ,
Data Security ,
Enforcement Actions ,
Fines ,
New Rules ,
Penalties ,
Personally Identifiable Information ,
Sanctions ,
Webinars
On June 16, 2022, the US Department of Defense (DoD) issued a memorandum (DoD Memo) “reminding” contracting officers that noncompliance with the Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7012,...more
7/1/2022
/ Compliance ,
Corporate Counsel ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
Enforcement Actions ,
Federal Contractors ,
NIST ,
Policy Memorandums
California, Virginia and Colorado have new privacy laws coming into effect in 2023. But now is the time to start preparing your business or organization for compliance.
In this video series, we examine the different aspects...more
2/8/2022
/ California Privacy Rights Act (CPRA) ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Protection Acts ,
New Legislation ,
Personally Identifiable Information ,
Privacy Acts ,
Privacy Laws ,
Sensitive Personal Information ,
State Privacy Laws
As a wave of potential privacy legislation sweeps across the country, California continues to lead the way. The recently enacted California Privacy Rights Act (CPRA) adds to the groundbreaking 2018 California Consumer...more
2/19/2021
/ California Consumer Privacy Act (CCPA) ,
California Privacy Rights Act (CPRA) ,
Continuing Legal Education ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Subjects Rights ,
Enforcement Actions ,
Privacy Laws ,
Private Right of Action ,
Risk Mitigation ,
Webinars
Standard, everyday appliances like dishwashers and ovens, and necessary devices such as lights and thermostats, are increasingly likely to be Wi-Fi enabled, allowing them to send and receive data. These objects are widely...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
1/16/2020
/ Automation Systems ,
Best Practices ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consent ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Data Subjects Rights ,
Discovery ,
Events ,
Information Security ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Assessment ,
Vendor Contacts ,
Vendors
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
1/14/2020
/ Automation Systems ,
Best Practices ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consent ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Data Subjects Rights ,
Discovery ,
Events ,
Information Security ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Risk Assessment ,
Vendor Contacts ,
Vendors
Effective January 1, 2020, the California Consumer Privacy Act (CCPA) will give broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
11/4/2019
/ Automation Systems ,
Best Practices ,
California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Data Collection ,
Data Privacy ,
Data Security ,
Data Subjects Rights ,
Discovery ,
Events ,
Information Security ,
Information Technology ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
Vendor Contacts
On October 10, 2019, the California Attorney General released proposed regulations to implement the California Consumer Privacy Act (CCPA), including substantial new requirements not included in the CCPA. Here we offer a...more
10/15/2019
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Notice Requirements ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Requirements ,
State Attorneys General
The California Legislature passed several bills amending the forthcoming California Consumer Privacy Act (CCPA). Although the amendments contain some significant changes, outlined here, the most important and groundbreaking...more
9/20/2019
/ Amended Legislation ,
B2B Organizations ,
B2B Transactions ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Fair Credit Reporting Act (FCRA) ,
Governor Newsom ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Private Right of Action
California has taken bold steps to regulate the privacy and security of personal information, creating unprecedented remedies for data breaches and recognized European-style rights for consumers in their data.
On September...more
8/9/2019
/ Big Data ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Continuing Legal Education ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Emerging Technology Companies ,
Events ,
Information Technology ,
Popular ,
Risk Management ,
Security Risk Assessments ,
State Data Privacy Laws