On July 19, California’s recently appointed Attorney General, Rob Bonta, launched an interactive tool to aid consumers with drafting notices of noncompliance for businesses who fail to publish the “Do Not Sell My Personal...more
Ransomware victims face a nearly impossible decision: pay criminals holding their business hostage or refuse and face possible crippling consequences. This decision requires careful analysis of a number of considerations, and...more
2/25/2021
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Hackers ,
Incident Response Plans ,
Information Technology ,
New Guidance ,
NYDFS ,
Personally Identifiable Information ,
Popular ,
Ransomware
Companies in the life sciences and health care industry, like most companies, navigated unparalleled challenges in 2020. But unlike other industries, they had to do so while simultaneously facing the biggest challenge of all...more
As we have previously highlighted, the California Privacy Rights Act (CPRA) creates a new category of personal information, called “sensitive personal information.” While the CPRA’s predecessor, the California Consumer...more
Virginia is on track to be the second U.S. state to enact comprehensive consumer privacy legislation. Both the Virginia House of Delegates and the Virginia Senate have passed nearly identical versions of the Consumer Data...more
2/10/2021
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Legislative Agendas ,
Personal Data ,
Personally Identifiable Information ,
Regulatory Agenda ,
Risk Management ,
State and Local Government
There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more
There has been a significant development in the ongoing debate regarding the scope of the authority of the Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) to issue penalties under the Health...more
HIPAA Privacy Rule changes that have the potential to significantly impact patients, covered entities, and business associates were proposed by the Department of Health and Human Services (HHS) in a Notice of Proposed...more
In response to the significant rise in ransomware attacks since the start of the COVID-19 pandemic and just in time for Cybersecurity Awareness Month, the Department of the Treasury’s Financial Crimes Enforcement Network...more
10/6/2020
/ AML/CFT ,
BSA/AML ,
Cyber Crimes ,
Cyber Insurance ,
Cybersecurity ,
Economic Sanctions ,
Financial Institutions ,
Financial Transactions ,
FinCEN ,
Money Services Business ,
National Security ,
Office of Foreign Assets Control (OFAC) ,
Popular ,
Privacy Concerns ,
Ransomware ,
Suspicious Activity Reports (SARs)
California’s “Genetic Information Privacy Act” (SB 980), vetoed on September 25, 2020 by Governor Gavin Newsom, would have established obligations for direct-to-consumer (“DTC”) genetic testing companies and others that...more
9/29/2020
/ Consumer Privacy Rights ,
Coronavirus/COVID-19 ,
Diagnostic Tests ,
Direct to Consumer Sales ,
DNA ,
Genetic Materials ,
Genetic Testing ,
Governor Newsom ,
Governor Vetoes ,
Human Genes ,
Infectious Diseases ,
Legislative Agendas ,
Life Sciences ,
Pharmaceutical Industry ,
State and Local Government
COVID-19 and IT service provider contracts: A checklist for force majeure events -
The COVID-19 pandemic, and the various restrictions that have been implemented in response to it, are causing extraordinary business...more
On June 1, The California Attorney General (CA AG) submitted the final text of the CCPA regulations to the California Office of Administrative Law (OAL) for approval. ...more
6/2/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
The COVID-19, and the various restrictions that have been implemented in response to it, are causing extraordinary business disruptions. Many organizations have had to modify their operational controls and accommodate a shift...more
On March 11, The California Attorney General (CA AG) released a second set of modifications to the proposed regulations implementing the California Consumer Privacy Act (CCPA)....more
3/13/2020
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Digital Service Providers ,
Information Governance ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Agenda ,
Regulatory Requirements ,
Right to Delete ,
Rulemaking Process ,
State and Local Government ,
State Attorneys General
On Friday, February 7, 2020, the California Attorney General (CA AG) released notice of changes to the California Consumer Privacy Act (CCPA) draft regulations. Initial draft regulations were published for public comment on...more
2/10/2020
/ California Consumer Privacy Act (CCPA) ,
Comment Period ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Rulemaking Process ,
State and Local Government
Washington State is already shaping up as a center of state privacy legislation for 2020.
Last year, SB 5376 (also known as the Washington Privacy Act, or WPA) gained significant traction in the legislature, passing the...more
1/14/2020
/ Biometric Information ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Data Collection ,
Data Privacy ,
Data Protection ,
Facial Recognition Technology ,
General Data Protection Regulation (GDPR) ,
Legislative Agendas ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Portability ,
Proposed Legislation ,
Right to Delete ,
State and Local Government
On October 17, 2019, the Hogan Lovells Privacy and Cybersecurity team discussed key elements of the California Attorney General’s proposed regulations implementing certain provisions of the California Consumer Privacy Act...more
11/5/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Deletion ,
Data Management ,
Data Privacy ,
Data Protection ,
Information Governance ,
Opt-In ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Proposed Regulation ,
Regulatory Agenda ,
Right to Delete ,
Rulemaking Process ,
State and Local Government
Since the California Consumer Privacy Act’s (CCPA) hasty passage in June last year and minor changes last September, the CCPA has vexed businesses working on compliance. Among many practical challenges, the CCPA often...more
9/25/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Fair Credit Reporting Act (FCRA) ,
Legislative Agendas ,
Opt-Outs ,
Personal Data ,
Personally Identifiable Information ,
Privacy Laws ,
Regulatory Agenda ,
Request For Information ,
Rulemaking Process ,
State and Local Government
Nevada has a new privacy law. On May 29, Nevada Governor Steve Sisolak signed Senate Bill 220 (SB-220) into law, making Nevada the first state to join California in granting consumers the right to opt out of the sale of their...more
6/3/2019
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Protection ,
Data-Sharing ,
New Legislation ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws ,
State and Local Government
In a dramatic turn, the US Department of Health and Human Services (HHS) has announced that effective immediately, penalties for many HIPAA violations will be subject to substantially reduced limits. ...more
Investing in the life sciences industry without an understanding of the key regulatory factors that could determine a product’s success or failure could cost you millions of dollars....more
This is the seventh installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The application of the California Consumer Protection Act of 2018 (“CCPA”) to employee data has been the subject of much...more
10/26/2018
/ Anti-Discrimination Policies ,
California Consumer Privacy Act (CCPA) ,
Data Collection ,
Data Privacy ,
Employee Privacy Rights ,
Employer Liability Issues ,
Employment Records ,
Opt-Outs ,
Personally Identifiable Information ,
Popular ,
Privacy Laws
This is the sixth installment in Hogan Lovells’ series on the California Consumer Privacy Act.
The California Consumer Privacy Act of 2018 (CCPA) adds another set of privacy requirements for health and life sciences...more
10/8/2018
/ California Consumer Privacy Act (CCPA) ,
Clinical Trials ,
CMIA ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Exemptions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Life Sciences ,
Nonprofits ,
Personally Identifiable Information ,
Privacy Laws