Reports of sophisticated cyberattacks and ransomware threats dominated 2021 headlines, along with evolving state data privacy laws in the absence of comprehensive federal data protection regulation. Cross-border data transfers between the EU and US still lack a clear, streamlined mechanism while national authorities continue to negotiate an EU-US Privacy Shield replacement. The past year also
Privacy Law Blog
Blog Authors
Latest from Privacy Law Blog
Notable Trends in Privacy and Data Security
COVID-19, the California Consumer Privacy Act (CCPA) coming into force, and the invalidation of the EU-US Privacy Shield already made 2020 an especially active year for privacy and data security risks and obligations. Rounding out the year, December then brought discovery of the unprecedented Solarwinds cyberattack affecting government agencies, critical infrastructure entities and others.
Thus, looking ahead,…
The Future of the FTC: Part I
On January 21, 2021, President Biden designated Federal Trade Commission (the “FTC”) Commissioner Rebecca Kelly Slaughter as acting chair of the FTC. Soon thereafter in one of her first speeches in her new role, Chairwoman Slaughter announced two substantive areas of priority for the FTC – the COVID-19 pandemic and racial equity.…
CCPA: California Attorney General Releases Final Proposed Regulations
On June 1, 2020, the California Attorney General’s office released the third and final set of CCPA proposed regulations. (Available here). Below, we provide information about the final proposed regulations and enforcement actions.…
Cybersecurity: SEC and Other Regulators
In today’s world, cybersecurity breaches and threats are pervasive concerns for any business entity, without exception. Working from home arrangements due to COVID-19 constraints only magnify the risk and create further vulnerabilities for companies. Companies should be aware of (1) the key cyber threats they face, (2) the consequences of a breach, and (3) the…
Trends in Privacy and Data Security
Privacy and cybersecurity remain top priorities for regulators and companies alike, as the threats posed by large-scale data breaches and other cyber incidents show no signs of waning. Companies and their counsel must monitor privacy and data security-related enforcement trends, new laws and regulations, and key emerging issues to mitigate risks and minimize potential liability.…
HHS to Exercise Enforcement Discretion to Permit HIPAA Business Associates to Use and Disclose PHI to Public Health Authorities during the COVID-19 Health Crisis
On April 2, 2020, the Office for Civil Rights (OCR) at the U.S Department of Health and Human Services released a notification related to the discretion that OCR will exercise concerning HIPAA enforcement during the COVID-19 public health emergency. Effective immediately, OCR will not impose penalties for violations of certain provisions of the HIPAA Privacy…
Amid Pandemic Remaining New York SHIELD Act Data Security Requirements Have Taken Effect
The developing coronavirus pandemic affects businesses and personnel within the state and elsewhere. With more New Yorkers working from home, there are more opportunities for cyberattacks through unsecure remote connections and the public concern growing each day.
The New York SHIELD (“Stop Hacks and Improve Electronic Data Security”) Act was signed to law…
FTC Ramps up COVID-19 Activity After Improving its Data Security Enforcement Orders
With the spread of the novel coronavirus (COVID-19), cybersecurity criminals and scammers are ramping up their efforts to target vulnerable employers and workforces. The FTC announced today that since January they have received more than 7,800 fraud complaints from consumers related to the COVID-19 pandemic. But the FTC isn’t slowing down either. Even with the…
Privacy Considerations for Employers and Health Care Providers When Communicating about Coronavirus-Infected Individuals
This alert focuses on the ongoing and developing privacy issues that have arisen for employers and healthcare providers communicating about the 2019 novel coronavirus (COVID-19). Specifically, we will discuss the steps that employers and healthcare companies need to consider when communicating to its employees, the media and general public, and government officials when an individual…