With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more
1/8/2025
/ Comment Period ,
Covered Entities ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Employer Group Health Plans ,
HIPAA Security Rule ,
Professional Employer Organization ,
Proposed Rules ,
Public Comment ,
Risk Assessment
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
11/13/2024
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Deletion ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Security ,
Data Subject Access Requests ,
Data-Sharing ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
Privacy Policy ,
State Privacy Laws ,
Third-Party Risk ,
Vendor Contacts ,
Vendors
A California federal court recently ruled that disclosure of certain data collected through website cookies that may qualify as health information could trigger a data breach under the California Consumer Privacy Act (CCPA) –...more
8/14/2024
/ California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Cookies ,
Corporate Counsel ,
Cybersecurity ,
Data Breach ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
PHI ,
Popular ,
Websites
To the surprise of some, Governor DeSantis recently vetoed a bill that would have provided businesses with a defense to claims arising from “cybersecurity incidents” that lead to data breaches – so long as they met a few...more
2023 was the most devastating year yet for ransomware attacks, with businesses forking over $1 billion in ransom payments for the first time ever – and 2024 is expected to be even worse. Beyond the payments, the average cost...more
2/22/2024
/ Artificial Intelligence ,
Cloud Storage ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Employee Training ,
Employer Liability Issues ,
Encryption ,
Incident Response Plans ,
Popular ,
Ransomware
Governor Gavin Newsom just signed into law two amendments to the California Consumer Privacy Act (CCPA) that will have a direct impact on employers doing business in the state. The new amendments, signed on October 11, 2019...more
10/14/2019
/ Amended Legislation ,
California Consumer Privacy Act (CCPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Data Breach ,
Data Collection ,
EEO-1 ,
Employer Liability Issues ,
Exemptions ,
Governor Newsom ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Opt-Outs ,
Personally Identifiable Information ,
Privacy Laws ,
State Data Breach Notification Statutes
Since my last blog post about SB 1121, the California Senate voted to send SB 1121 to the state Assembly. The on May 30 vote was very close, 22-13, only one above the 21-vote threshold for passing the bill and strictly along...more
SB 1121, which is making its way through the California Legislature, would allow businesses to be sued for data breaches even when no one was actually injured. This includes being sued for failing to implement and maintain...more
No! It is a common misconception among the general public that someone always has to pay when there is a data breach. It is understandable that individuals affected by a data breach will be upset, distraught, and even angry....more
11/15/2017
/ Best Practices ,
Civil Liability ,
Data Breach ,
Data Privacy ,
Data Security ,
Duty of Care ,
Expert Witness ,
Failure to Mitigate ,
Federal Breach Notification Standard ,
Identity Protection Services ,
Identity Theft ,
Negligence ,
Penalties ,
Personally Identifiable Information ,
Private Right of Action ,
Security Audits ,
State Data Breach Notification Statutes ,
Statutory Violations ,
Trade Secrets
Employers have a legal obligation to safeguard and protect a variety of information hosted in the workplace. Unfortunately, when it comes to workplace data breaches, the question is not if you will suffer one, but when....more