Mauricio Paez

Mauricio Paez

Jones Day

Contact

Readers' Choice Awards

Cybersecurity
Cybersecurity
Cybersecurity
View Bio
RSS

Latest Posts › Data Security

Share:

Rhode Island Continues State-Level Adoption of Comprehensive Data Privacy Laws

Rhode Island is the latest state to adopt a comprehensive data privacy law, titled the Data Transparency and Privacy Protection Act....more

7/26/2024  /  Data Collection , Data Privacy , Data Protection , Data Security , Innovative Technology , Personal Data , Personal Information , Rhode Island , State and Local Government , State Privacy Laws

NIST Extends its Cybersecurity Framework to Cover Evolving Threats and Governance

The National Institute of Standards and Technology ("NIST") released a significant update to its framework, expanding its scope and reach to cover a broader audience and evolving cybersecurity risks and management issues....more

3/8/2024  /  Cyber Attacks , Cyber Threats , Cybersecurity , Data Privacy , Data Protection , Data Security , NIST , Popular , Risk Management

HHS Announces Upcoming Federal Strategies to Enhance Cybersecurity for Health Care and Public Health Sectors

The Department of Health and Human Services ("HHS") has released a concept paper outlining its new cybersecurity strategies for the health care sector, identifying cybersecurity priorities, potential future regulations and...more

1/12/2024  /  Centers for Medicare & Medicaid Services (CMS) , Cybersecurity , Data Privacy , Data Protection , Data Security , Department of Health and Human Services (HHS) , Federal Trade Commission (FTC) , Health Insurance Portability and Accountability Act (HIPAA) , Healthcare , OCR , Popular , Proposed Rules , Public Health , Regulatory Requirements , Risk Mitigation

FTC Seeks to Strengthen Privacy Protections of Children Online

On December 20, 2023, the Federal Trade Commission ("FTC") announced a Notice of Proposed Rulemaking ("NPRM") to revise the Children's Online Privacy Protection Act ("COPPA") Rule to reduce the amount of information...more

12/28/2023  /  Comment Period , COPPA , Cybersecurity , Data Privacy , Data Protection , Data Security , Enforcement Authority , Federal Trade Commission (FTC) , Notice of Proposed Rulemaking (NOPR) , Online Platforms , Online Safety for Children , Personal Information , Regulatory Agenda , Social Media

HHS Enters Into First-Ever Ransomware Resolution Agreement and Corrective Action Plan

The U.S. Department of Health and Human Services ("HHS") Office of Civil Rights ("OCR") has entered into its first settlement of potential Health Insurance Portability and Accountability Act ("HIPAA") violations arising out...more

12/6/2023  /  Cybersecurity , Data Breach , Data Privacy , Data Protection , Data Security , Department of Health and Human Services (HHS) , Electronic Protected Health Information (ePHI) , Health Insurance Portability and Accountability Act (HIPAA) , HIPAA Violations , Hospitals , Life Sciences , OCR , Ransomware

FTC Requires Non-Bank Financial Institutions to Report Data Security Breaches Under Amended Safeguards Rule

On Friday, October 27, the Federal Trade Commission ("FTC") announced new amendments to the Safeguards Rule, requiring covered financial institutions to report certain data breaches to the FTC and reflecting its continuing...more

11/13/2023  /  Cybersecurity , Data Protection , Data Security , Federal Trade Commission (FTC) , Financial Institutions , Financial Regulatory Reform , Financial Services Industry , FTC Act , Gramm-Leach-Blilely Act , New Amendments , Non-Bank Lenders , Personal Information , Popular , Privacy Rule , Risk Assessment , Risk Management , Safeguards Rule , Section 5

Oregon Becomes 11th State to Enact a Comprehensive Data Privacy Law

On July 18, 2023, Oregon Governor Tina Kotek signed Senate Bill 619, referred to as the "Oregon Consumer Privacy Act" ("OCPA" or "the Act"), making Oregon the 11th state to enact a comprehensive data privacy law....more

8/23/2023  /  Consumer Privacy Rights , Data Privacy , Data Protection , Data Security , New Legislation , Oregon , Personal Data , Popular , State Data Privacy Laws

Federal Court Grants the SEC Limited Access to the Identities of Law Firm Clients Impacted by a Cyberattack

In Short - The Situation: Following a cyberattack on a law firm's systems, the Securities and Exchange Commission ("SEC") subpoenaed the firm for information, including the identity of clients whose information may have...more

8/15/2023  /  Cyber Attacks , Cybersecurity , Data Breach , Data Protection , Data Security , Discovery , Enforcement Actions , Evidence , Fourth Amendment , Government Investigations , Hackers , Material Nonpublic Information , Personally Identifiable Information , Securities and Exchange Commission (SEC) , Subpoenas

Leading Technology Companies Agree to White House's AI Safeguards

On July 21, 2023, the White House announced that seven leading technology companies—Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI—voluntarily committed to mitigating the risks posed by artificial...more

7/25/2023  /  Algorithms , Artificial Intelligence , Biden Administration , Cybersecurity , Data Privacy , Data Protection , Data Security , Innovative Technology , Machine Learning , Regulatory Agenda , Regulatory Oversight , Risk Mitigation

European Union and United States Reach New Agreement for Data Flow Across the Atlantic

On July 10, 2023, the EU Commission adopted its adequacy decision for the EU-U.S. Data Privacy Framework, concluding that the United States ensures an adequate level of protection for personal data transferred from the...more

7/20/2023  /  Binding Corporate Rules , Cybersecurity , Data Privacy , Data Security , EU , General Data Protection Regulation (GDPR) , International Data Transfers , Schrems I & Schrems II , Standard Contractual Clauses

FTC Proposes to Impose Sweeping Restrictions on Tech Company's Ability to Profit From Youth Data

On May 3, 2023, the Federal Trade Commission ("FTC") issued an Order to Show Cause against Meta for alleged violations of Meta's 2012 and 2020 privacy orders and seeks to bar the company from monetizing data related to...more

5/10/2023  /  Data Collection , Data Privacy , Data Protection , Data Security , Federal Trade Commission (FTC) , Personal Information

My Health, My Data: Washington Enacts First State Comprehensive Health Privacy Law

The sweeping law imposes new requirements on the processing and sale of consumer health data in the state. On April 27, 2023, Washington State Governor Inslee signed the "My Health My Data Act" ("Act"). This Act marks the...more

5/2/2023  /  Data Privacy , Data Protection , Data Security , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , PHI

Iowa Becomes Sixth State to Enact a Comprehensive Data Privacy Law

On March 28, 2023, Iowa—following California, Colorado, Connecticut, Utah, and Virginia—became the sixth state to adopt a comprehensive consumer data privacy law. On March 28, 2023, Iowa Governor Kim Reynolds signed "An...more

4/6/2023  /  Cybersecurity , Data Privacy , Data Protection , Data Security , Personal Data

Vital Signs Digital Health Law Update | Winter 2023

Note From the Editors - We bring you Vital Signs, a curated, one-stop resource on the most notable digital health law updates from our U.S. and global contributors. In Industry Insights, our lawyers take an in-depth look at...more

2/10/2023  /  Business Associates , Covered Entities , Data Breach , Data Privacy , Data Protection , Data Security , Health Care Providers , Health Insurance Portability and Accountability Act (HIPAA) , Popular

Consumer Health Information and Increased Scrutiny: FTC Brings First Action Under Health Breach Notification Rule

The Federal Trade Commission ("FTC") has brought its first enforcement action for violations of the Health Breach Notification Rule ("HBNR"), signaling heightened federal agency scrutiny of digital health platforms,...more

2/10/2023  /  Breach Notification Rule , Cybersecurity , Data Breach , Data Protection , Data Security , Enforcement Actions , Federal Trade Commission (FTC) , Health Insurance Portability and Accountability Act (HIPAA)

Australian Government Serious About Data Privacy: Substantial Increases in Fines and Enhanced Regulatory Powers

In Short - The Situation: Following a number of high-profile cyber incidents resulting in significant data breaches, the Australian Government has doubled down on its efforts to strengthen privacy laws and cybersecurity...more

1/6/2023  /  Australia , Corporate Counsel , Cybersecurity , Data Privacy , Data Protection , Data Security , Office of Australian Information Commissioner (OAIC) , Popular

Rising Global Regulation for Artificial Intelligence

Across multiple continents and industries, artificial intelligence ("AI") is a topic of intense focus by governments, research institutions, investors, and corporations—from start-ups to well-established industry players. As...more

12/19/2022  /  Artificial Intelligence , Cybersecurity , Data Privacy , Data Protection , Data Security , Machine Learning , Popular

United States Signs Executive Order to Implement EU-U.S. Trans-Atlantic Data Privacy Framework

On October 7, 2022, President Biden signed an executive order on "Enhancing Safeguards for United States Signals Intelligence Activities," outlining the measures that the United States will take to implement its commitments...more

10/14/2022  /  Cybersecurity , Data Privacy , Data Protection , Data Security , EU-US Privacy Shield , Executive Orders , Personal Data , Standard Contractual Clauses

European Commission Proposes Legislation Imposing New Cybersecurity Requirements on Digital Products

On September 15, 2022, the European Commission ("EU") published a proposal for a Cyber Resilience Act, the first EU-wide legislation introducing a single set of cybersecurity rules for hardware and software products placed in...more

10/3/2022  /  Cybersecurity , Data Protection , Data Security , EU , European Commission , Popular , Proposed Regulation

California Attorney General Signals CCPA Enforcement Priorities in $1.2 Million Sephora Settlement

On August 24, 2022, California Attorney General Rob Bonta announced his office's first privacy enforcement action and settlement against a publicly disclosed entity, Sephora, Inc., for violations of the CCPA, including the...more

9/9/2022  /  California Consumer Privacy Act (CCPA) , Consumer Privacy Rights , Cybersecurity , Data Privacy , Data Protection , Data Security , Personal Information , Sephora

Federal Privacy and Data Security Regulation on the Horizon: The FTC Announces Proposed Rulemaking

The Federal Trade Commission announced on August 11, 2022, that it is seeking public comment regarding its Advanced Notice of Proposed Rulemaking on commercial surveillance and data security. The Federal Trade Commission...more

8/18/2022  /  Cybersecurity , Data Privacy , Data Protection , Data Security , Federal Trade Commission (FTC) , Public Comment

With New Proposed Regulations, the California Privacy Protection Agency Begins its Rulemaking

On July 8, the CPPA officially began the formal rulemaking process for new privacy regulations—many of which operationalize new CPRA requirements. With the publication of the Notice of Proposed Rulemaking, the 45-day initial...more

7/21/2022  /  California Privacy Rights Act (CPRA) , Consumer Privacy Rights , Data Privacy , Data Security , Proposed Regulation , State Privacy Laws

Utah Becomes Fourth State to Enact a Comprehensive Data Privacy Law

On March 24, 2022, Utah followed California, Virginia, and Colorado in adopting a comprehensive consumer data privacy law. On March 24, 2022, Utah Governor Spencer Cox signed the Consumer Privacy Act ("Act"), making Utah...more

4/7/2022  /  Cybersecurity , Data Breach , Data Controller , Data Processors , Data Protection , Data Security , New Legislation , Personal Data , Personally Identifiable Information , Regulatory Reform , State Data Privacy Laws

President Biden Signs Cyber Incident Reporting for Critical Infrastructure Act

On March 15, 2022, President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (the "Act"), creating new requirements for organizations operating in critical infrastructure sectors to...more

3/18/2022  /  Biden Administration , Critical Infrastructure Sectors , Cyber Attacks , Cyber Incident Reporting , Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) , Cybersecurity , Data Breach , Data Breach Plans , Data Protection , Data Security , New Legislation , Popular , Regulatory Reform , Reporting Requirements

Jones Day Global Privacy & Cybersecurity Update | Vol. 27

United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more

1/8/2021  /  CNIL , Consumer Privacy Rights , Court of Justice of the European Union (CJEU) , Cybersecurity , Cybersecurity Framework , Data Breach , Data Privacy , Data Protection , Data Protection Authority , Data Security , European Data Protection Board (EDPB) , General Data Protection Regulation (GDPR) , Information Commissioner's Office (ICO) , NIST , Personal Data , Popular , Risk Management
34 Results
 / 
View per page
Page: of 2
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide