Lisa Ropple

Lisa Ropple

Jones Day

Contact

Readers' Choice Awards

Data Privacy
Cybersecurity
View Bio
RSS

Latest Posts › Data Security

Share:

New York Imposes Stringent Cybersecurity and Cyber Incident Reporting Obligations on Hospitals

New York recently passed new cybersecurity regulations for hospitals licensed in New York to enhance patient safety and cybersecurity....more

11/7/2024  /  Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Healthcare Facilities , Hospitals , Information Technology , New Legislation , New York , Personally Identifiable Information , PHI , Regulatory Reform

First Tranche of Australia's Much Anticipated Privacy Law Reforms Revealed

The first wave of Australia's expansive privacy law reforms has been introduced into Federal Parliament in the Privacy and Other Legislation Amendment Bill 2024 (Cth) ("Bill")....more

10/29/2024  /  Australia , Cybersecurity , Damages , Data Breach , Data Privacy , Data Protection , Data Security , Invasion of Privacy , Personally Identifiable Information , Proposed Regulation , Regulatory Agenda , Regulatory Reform

Rhode Island Continues State-Level Adoption of Comprehensive Data Privacy Laws

Rhode Island is the latest state to adopt a comprehensive data privacy law, titled the Data Transparency and Privacy Protection Act....more

7/26/2024  /  Data Collection , Data Privacy , Data Protection , Data Security , Innovative Technology , Personal Data , Personal Information , Rhode Island , State and Local Government , State Privacy Laws

China Finalizes Provisions on Cross-Border Data Transfer

Chinese authorities issued new regulations and guidance governing cross-border transfers of data and personal information, which will significantly reduce procedural and compliance burdens for many multinationals....more

4/1/2024  /  China , Cybersecurity , Data Protection , Data Security , Data Transfers , International Data Transfers , Personal Information , Standard Contractual Clauses

NIST Extends its Cybersecurity Framework to Cover Evolving Threats and Governance

The National Institute of Standards and Technology ("NIST") released a significant update to its framework, expanding its scope and reach to cover a broader audience and evolving cybersecurity risks and management issues....more

3/8/2024  /  Cyber Attacks , Cyber Threats , Cybersecurity , Data Privacy , Data Protection , Data Security , NIST , Popular , Risk Management

FTC Seeks to Strengthen Privacy Protections of Children Online

On December 20, 2023, the Federal Trade Commission ("FTC") announced a Notice of Proposed Rulemaking ("NPRM") to revise the Children's Online Privacy Protection Act ("COPPA") Rule to reduce the amount of information...more

12/28/2023  /  Comment Period , COPPA , Cybersecurity , Data Privacy , Data Protection , Data Security , Enforcement Authority , Federal Trade Commission (FTC) , Notice of Proposed Rulemaking (NOPR) , Online Platforms , Online Safety for Children , Personal Information , Regulatory Agenda , Social Media

HHS Enters Into First-Ever Ransomware Resolution Agreement and Corrective Action Plan

The U.S. Department of Health and Human Services ("HHS") Office of Civil Rights ("OCR") has entered into its first settlement of potential Health Insurance Portability and Accountability Act ("HIPAA") violations arising out...more

12/6/2023  /  Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Violations , Hospitals , Life Sciences , OCR , Ransomware

FTC Requires Non-Bank Financial Institutions to Report Data Security Breaches Under Amended Safeguards Rule

On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more

11/13/2023  /  Cybersecurity , Data Protection , Data Security , Federal Trade Commission (FTC) , Financial Institutions , Financial Regulatory Reform , Financial Services Industry , FTC Act , Gramm-Leach-Blilely Act , New Amendments , Non-Bank Lenders , Personal Information , Popular , Privacy Rule , Risk Assessment , Risk Management , Safeguards Rule , Section 5

Oregon Becomes 11th State to Enact a Comprehensive Data Privacy Law

On July 18, 2023, Oregon Governor Tina Kotek signed Senate Bill 619, referred to as the "Oregon Consumer Privacy Act" ("OCPA" or "the Act"), making Oregon the 11th state to enact a comprehensive data privacy law....more

8/23/2023  /  Consumer Privacy Rights , Data Privacy , Data Protection , Data Security , New Legislation , Oregon , Personal Data , Popular , State Data Privacy Laws

Federal Court Grants the SEC Limited Access to the Identities of Law Firm Clients Impacted by a Cyberattack

In Short - The Situation: Following a cyberattack on a law firm's systems, the Securities and Exchange Commission ("SEC") subpoenaed the firm for information, including the identity of clients whose information may have...more

8/15/2023  /  Cyber Attacks , Cybersecurity , Data Breach , Data Protection , Data Security , Discovery , Enforcement Actions , Evidence , Fourth Amendment , Government Investigations , Hackers , Material Nonpublic Information , Personally Identifiable Information , Securities and Exchange Commission (SEC) , Subpoenas

European Union and United States Reach New Agreement for Data Flow Across the Atlantic

On July 10, 2023, the EU Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework, concluding that the United States ensures an adequate level of protection for personal data transferred from the...more

7/20/2023  /  Binding Corporate Rules , Cybersecurity , Data Privacy , Data Security , EU , General Data Protection Regulation (GDPR) , International Data Transfers , Schrems I & Schrems II , Standard Contractual Clauses

FTC Proposes to Impose Sweeping Restrictions on Tech Company's Ability to Profit From Youth Data

On May 3, 2023, the Federal Trade Commission ("FTC") issued an Order to Show Cause against Meta for alleged violations of Meta's 2012 and 2020 privacy orders and seeks to bar the company from monetizing data related to...more

5/10/2023  /  Data Collection , Data Privacy , Data Protection , Data Security , Federal Trade Commission (FTC) , Personal Information

Iowa Becomes Sixth State to Enact a Comprehensive Data Privacy Law

On March 28, 2023, Iowa—following California, Colorado, Connecticut, Utah, and Virginia—became the sixth state to adopt a comprehensive consumer data privacy law. On March 28, 2023, Iowa Governor Kim Reynolds signed "An...more

4/6/2023  /  Cybersecurity , Data Privacy , Data Protection , Data Security , Personal Data

Australian Government Serious About Data Privacy: Substantial Increases in Fines and Enhanced Regulatory Powers

In Short - The Situation: Following a number of high-profile cyber incidents resulting in significant data breaches, the Australian Government has doubled down on its efforts to strengthen privacy laws and cybersecurity...more

1/6/2023  /  Australia , Corporate Counsel , Cybersecurity , Data Privacy , Data Protection , Data Security , Office of Australian Information Commissioner (OAIC) , Popular

United States Signs Executive Order to Implement EU-U.S. Trans-Atlantic Data Privacy Framework

On October 7, 2022, President Biden signed an executive order on "Enhancing Safeguards for United States Signals Intelligence Activities," outlining the measures that the United States will take to implement its commitments...more

10/14/2022  /  Cybersecurity , Data Privacy , Data Protection , Data Security , EU-US Privacy Shield , Executive Orders , Personal Data , Standard Contractual Clauses

California Attorney General Signals CCPA Enforcement Priorities in $1.2 Million Sephora Settlement

On August 24, 2022, California Attorney General Rob Bonta announced his office's first privacy enforcement action and settlement against a publicly disclosed entity, Sephora, Inc., for violations of the CCPA, including the...more

9/9/2022  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Privacy , Data Protection , Data Security , Personal Information , Sephora

Federal Privacy and Data Security Regulation on the Horizon: The FTC Announces Proposed Rulemaking

The Federal Trade Commission announced on August 11, 2022, that it is seeking public comment regarding its Advanced Notice of Proposed Rulemaking on commercial surveillance and data security. The Federal Trade Commission...more

8/18/2022  /  Cybersecurity , Data Privacy , Data Protection , Data Security , Federal Trade Commission (FTC) , Public Comment

China to Start Implementing Restrictions on Cross-Border Transfers of Personal Information

In Short - The Situation: China released new regulations and guidelines to clarify the procedural requirements companies must satisfy for the cross-border transfer of personal information under the Personal Information...more

8/3/2022  /  China , Cybersecurity , Data Privacy , Data Protection , Data Security , International Data Transfers , Personal Information , Personal Information Protection Law (PIPL)

With New Proposed Regulations, the California Privacy Protection Agency Begins its Rulemaking

On July 8, the CPPA officially began the formal rulemaking process for new privacy regulations—many of which operationalize new CPRA requirements. With the publication of the Notice of Proposed Rulemaking, the 45-day initial...more

7/21/2022  /  California Privacy Rights Act (CPRA) , Consumer Privacy Rights , Data Privacy , Data Security , Proposed Regulation , State Privacy Laws

Utah Becomes Fourth State to Enact a Comprehensive Data Privacy Law

On March 24, 2022, Utah followed California, Virginia, and Colorado in adopting a comprehensive consumer data privacy law. On March 24, 2022, Utah Governor Spencer Cox signed the Consumer Privacy Act ("Act"), making Utah...more

4/7/2022  /  Cybersecurity , Data Breach , Data Controller , Data Processors , Data Protection , Data Security , New Legislation , Personal Data , Personally Identifiable Information , Regulatory Reform , State Data Privacy Laws

President Biden Signs Cyber Incident Reporting for Critical Infrastructure Act

On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the "Act"), creating new requirements for organizations operating in critical infrastructure sectors to...more

3/18/2022  /  Biden Administration , Critical Infrastructure Sectors , Cyber Attacks , Cyber Incident Reporting , Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) , Cybersecurity , Data Breach , Data Breach Plans , Data Protection , Data Security , New Legislation , Popular , Regulatory Reform , Reporting Requirements

China Issues Draft Guidance on Security Assessments for Cross-Border Data Transfers

The Cyberspace Administration of China has issued draft guidance on applying for and conducting security assessments for cross-border data transfers for public comment. On October 29, 2021, the Cyberspace Administration of...more

11/10/2021  /  China , Comment Period , Consumer Privacy Rights , Cybersecurity , Data Privacy , Data Protection , Data Security , Extraterritoriality Rules , International Data Transfers , Personal Information , Personal Information Protection Law (PIPL) , Popular , Public Comment , Regulatory Reform , Regulatory Requirements

Highlights of China's New Personal Information Protection Law

The PIPL imposes extensive obligations on organizations and individuals engaged in "handling" of personal information, which is defined to include "collection, storage, use, processing, transmission, provision, disclosure,...more

9/10/2021  /  China , Consumer Privacy Rights , Data Privacy , Data Processors , Data Protection , Data Security , Extraterritoriality Rules , Personal Information , Personal Information Protection Law (PIPL) , Popular , Regulatory Reform , Regulatory Requirements

China's New Data Security Law Restricts Cross-Border Transfers of All Data to Foreign Authorities

When the DSL goes into effect on September 1, 2021, it will impose certain restrictions on a company's ability to transfer data out of China without the prior approval of Chinese authorities. One significant restriction is...more

8/27/2021  /  China , Consumer Privacy Rights , Corporate Counsel , Cybersecurity , Data Protection , Data Security , Foreign Official , International Data Transfers , Multinationals , Personal Data , Personally Identifiable Information , Popular

China Finalizes Data Security Law to Strengthen Regulation on Data Protection

On June 10, 2021, the Standing Committee of the 13th National People's Congress passed the long awaited People's Republic of China (China) Data Security Law ("DSL") after a final read of the third draft. The DSL, which takes...more

6/21/2021  /  China , Corporate Counsel , Critical Infrastructure Sectors , Cybersecurity , Data Processing Rules , Data Processors , Data Protection , Data Security , General Data Protection Regulation (GDPR) , Information Technology , International Data Transfers , National Security , New Legislation , Regulatory Reform
35 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide