On May 9, 2024, Governor Wes Moore signed the Maryland Online Data Privacy Act (MODPA) making Maryland the seventeenth state to enact a comprehensive data privacy law. The law takes effect October 1, 2025, but it does not apply to…
On May 9, 2024, Governor Wes Moore signed the Maryland Online Data Privacy Act (MODPA) making Maryland the seventeenth state to enact a comprehensive data privacy law. The law takes effect October 1, 2025, but it does not apply to…
On October 27, 2021, the Federal Trade Commission (“FTC”) announced new updates to the Gramm-Leach-Bliley Act (“GLBA”) by amending the Standards for Safeguarding Customer Information, known as the “Safeguards Rule,” and issuing a final rule (the “Final Rule”). The Safeguards…
Well thought-out internal privacy policies and procedures are an essential part of any company’s information management program. These internal policies should not be confused with a company’s external privacy notice, which informs the company’s customers as to how it may…
Since the 1970’s, fair information practices (FIPs) or fair information privacy practices (FIPPs) have formed the framework around which organizations structure their policies on data collection, use, disclosure, and retention. The cornerstone of individual privacy rights under the FIPs is…
California continues to pave the way for privacy and cybersecurity legislation as Governor Brown recently signed the first Internet of Things (“IoT”) security law in the United States (SB-327). While connected devices offer users convenience and efficiency, California lawmakers recognized…
The Securities and Exchange Commission (“SEC” or “Commission”) has given public companies a heads up on where the Commission is setting its sights in the ever-developing world of cybersecurity. Here’s what you need to know, and what you need to…
The European Union (EU) Parliament’s new data privacy law, known as the General Data Protection Regulation (GDPR), is set to become enforceable in all EU member states on May 25, 2018, just six months from now. The GDPR replaces the…
Former Equifax chief Richard Smith returned to Capitol Hill for a second day of congressional hearings into his company’s data breach, this time appearing before the Senate Banking, Housing, and Urban Affairs Committee. Committee Chairman Mike Crapo (R-ID) characterized the…
No business is too small to be the victim of a cyberattack. In fact, as larger companies invest more resources in cybersecurity, attackers are beginning to target smaller, less secure businesses. It is important for every small business to understand…
If you’re a CISO living in New York get ready for the phone calls!!! On September 13, 2016, Governor Andrew M. Cuomo proposed the nation’s first cybersecurity regulation. Starting on September 28, 2016 there is a limited 45 day window…