Compliance Perspective: What's New in Healthcare Privacy
Webinar: Investigating and Resolving Sexual Assaults on Campus
On April 4, 2024, Kentucky became the fifteenth state to enact a comprehensive data privacy law, with Governor Andy Beshear signing the Kentucky Consumer Data Protection Act (KCDPA) into law. The Kentucky law will go into...more
“Cybersecurity” has emerged as one of top risks facing organizations. Considering the steady stream of massive data breaches affecting millions (sometimes billions), the debilitating effects of ransomware on an organization’s...more
A threshold consideration for businesses trying to understand the actors that enforce U.S. consumer privacy laws is an analysis of which laws apply to that business. This is because U.S. consumer privacy laws exist as a...more
On May 4, 2022, the Connecticut legislature passed S.B. 6 entitled the “Connecticut Data Privacy Act” (CDPA) with the bill now moving to Governor Ned Lamont’s desk for signature. Although Governor Lamont is generally expected...more
On April 28, 2022, the Connecticut legislature took the final step to become very close to passing comprehensive consumer privacy legislation as the Connecticut House of Representatives voted 144-5 in favor of Senate Bill 6,...more
School districts must consider the sanctity and privacy of data they maintain, as a recent decision underscores from the New York State Education Department’s Office of the Chief Privacy Officer. This alert explains the...more
Steptoe & Johnson PLLC and Exclamation Labs invite you to a joint webcast to help institutions mitigate cybersecurity issues and identity governance risks. Our panel of technology and legal professionals will discuss: -...more
Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition. https://www.hcca-info.org/health-care-privacy-handbook To learn what’s new in the book and in healthcare privacy...more
School leaders are often understandably confused as to which law applies to health- or medical-related records in schools: The Family Educational Rights and Privacy Act (FERPA) or the Health Insurance Portability and...more
On October 7, the Federal Trade Commission (FTC or the “Commission”) brought together privacy and technology stakeholders for a public workshop aimed at informing updates to regulations promulgated under the Children’s Online...more
Data breaches are inevitable. 2017 was the “year of the data breach,” with more exposure of personally identifiable information (“PII”) than ever before. If you were one of the 30% of US-based consumers who were notified of a...more
On May 25, 2018, the European Union will begin enforcing the General Data Protection Regulation (GDPR), which enacts strict standards for the handling, retaining, and processing of the personal data of any individual located...more
Recently-issued guidance from the U.S. Department of Education (ED) threatens to “yank” Title IV funding for post-secondary institutions lacking appropriate data security safeguards....more
The second post in the series on common legal and regulatory pitfalls that alternative education providers must proactively avoid focuses on data privacy and security. Learn more about student data privacy and best practices...more
In the past few years, we have seen the explosion of “big data,” “data analytics,” “data aggregation,” “predictive modeling,” and “data breaches.” None of these terms existed when I graduated from law school. We have...more
As New York public schools increase the use of technology in day-to-day operations and in the classroom, they increasingly face data management and data security threats similar to those faced by businesses and non-profit...more
Last week, Common Sense Media ("CSM") announced that it is undertaking an ambitious initiative to evaluate and grade the student data privacy practices of EdTech companies that provide products, apps, or services for use in...more
When it comes to cyberattack targets, many think of retailers and associated credit card transactions or customer information, or perhaps healthcare providers with their ever-increasing storage and transmission of electronic...more
We leave breadcrumbs of biometric information scattered around our daily lives, which may be collected and used by private entities, often without our knowledge or consent. The sound of your voice when you call your bank’s...more
In light of numerous recent data breaches, cybersecurity has emerged as an issue impacting organizations ranging from the local hardware store to the largest multi-national firms in the world. In short, no industry is immune...more