On April 4, 2025, the California Privacy Protection Agency (CPPA) Board met to discuss the latest draft California Consumer Privacy Act (CCPA) regulations related to cybersecurity audits, risk assessments, automated...more
The firm is pleased to distribute the Q3/Q4 2024 edition of All Eyes on AI: Regulatory, Litigation, and Transactional Developments, which closely follows the evolving regulatory landscape for artificial intelligence (AI) in...more
On July 16, 2024, the California Privacy Protection Agency (CPPA) Board met to discuss advancing a substantial draft California Consumer Privacy Act (CCPA) rulemaking package to formal proceedings. The proposed...more
8/8/2024
/ Artificial Intelligence ,
California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Privacy ,
Data Protection ,
Popular ,
State Privacy Laws
In the first half of 2024, seven new states—Kentucky, Maryland, Minnesota, Nebraska, New Hampshire, New Jersey, and Rhode Island—all enacted their takes on comprehensive privacy laws, bringing the total number of states with...more
On June 20, 2024, the United States District Court for the Northern District of Texas ordered the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) to vacate its guidance that had restricted...more
6/26/2024
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Popular ,
Texas ,
Web Tracking
On March 18, 2024, the Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) updated its guidance on the use of online tracking technology by covered entities regulated by the Health...more
3/26/2024
/ Business Associates ,
Covered Entities ,
Cybersecurity ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Privacy Rule ,
OCR ,
PHI ,
Popular
On June 16, 2023, the Federal Trade Commission (FTC) announced a proposed settlement agreement (in the form of a stipulated order) with genetic testing company Vitagene, Inc., now known as 1Health.io (1Health.io), for...more
On April 27, 2023, Washington State Governor Jay Inslee signed a far-reaching health privacy law entitled the “My Health My Data Act” (the Act), which extends protections to consumer health data collected by entities not...more
On March 28, 2023, Iowa Governor Kim Reynolds signed “An Act Relating to Consumer Data Protection” (SF 262) (ICDPA), making Iowa the sixth U.S. state to enact a comprehensive consumer privacy law following California,...more
On March 15, 2023, the Colorado Attorney General’s (Colorado AG) office released the final version of the Colorado Privacy Act (ColoPA) rules (the final rules), which are based on public comments on the third version of the...more
On March 2, 2023, the Federal Trade Commission (FTC) announced a proposed settlement agreement (also referred to as “proposed consent order”) with BetterHelp, Inc., an online counseling service, for allegedly disclosing its...more
On January 27, 2023, the Colorado Attorney General’s (Colorado AG) office released the third version of its proposed draft rules (third draft) for the Colorado Privacy Act (ColoPA) based on public comments it received on...more
On January 27, 2023, the California Attorney General (California AG) Rob Bonta announced an “investigative sweep” of mobile apps in retail, travel, and food service industries for failing to provide a mechanism for—or...more
On December 21, 2022, the Colorado Attorney General’s office published an updated version of proposed draft rules (“modified draft rules”) to the Colorado Privacy Act (ColoPA), which revise the initial draft rules issued in...more
On November 3, 2022, the California Privacy Protection Agency (CPPA, or the Agency) issued modified proposed regulations implementing the California Privacy Rights Act (CPRA),1 which revise the initial proposed regulations...more
On October 31, 2022, the Federal Trade Commission (FTC) announced a complaint and proposed consent order against Chegg, an edtech company, over its security practices that resulted in four security breaches in three years....more
On October 24, 2022, the Federal Trade Commission (FTC) announced a proposed consent order against Drizly and its CEO, James Cory Rellas, over the online alcohol marketplace company’s data breach incident in 2020, which...more
10/27/2022
/ Cyber Attacks ,
Cyber Crimes ,
Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Hackers ,
Personally Identifiable Information ,
Risk Mitigation