Following in the footsteps of California, and the European Union’s General Data Protection Regulation, the State of Washington is taking steps to adopt a comprehensive privacy law focused on protecting consumer information. SB 5376, better known as the Washington Privacy Act, passed in the Washington State Senate on March 6, 2019 by a vote of … Continue reading
By Bret Buckler and Todd Taylor Recently the state of California passed a data privacy and security law called the California Consumer Privacy Act (“CCPA”) (Assembly Bill 375, found here).
Now that the cameras have gone, the booster cushion has been removed from the witness chair, and Mark Zuckerberg is comfortably back in in Palo Alto, having survived his marathon two-days of testimony in front of a somewhat confused Congress, what’s next?
With major consumer data breaches making headlines on a semi-regular basis, legislators around the country are starting to hold businesses more accountable for cybersecurity compliance. Industry-specific laws such as HIPAA and the Gramm-Leach-Bliley Act (GLBA) already establish federal data security standards for some companies, and the Federal Trade Commission has taken the position that failure … Continue reading
PRIVACY AND DATA SECURITY IN THE TRUMP ERA: HOW TO TALK TO THE FBI AND YOUR IT DEPARTMENT IN A DATA BREACH (MAY 24, 2017): Effectively responding to a data breach requires clear communication with a web of internal and external groups. Two important groups are law enforcement and a company’s internal IT department. With the … Continue reading
CONTRACTING FOR THE CLOUD (OCTOBER 27, 2016): Privacy and data security issues impact every industry and affect almost all aspects of a company’s operations. Sales, human resources, data maintenance and storage, IT, legal and compliance, even litigation, all require careful attention to protecting the privacy of personal information as well as preserving the integrity of … Continue reading
On August 1, 2016, the U.S. Department of Commerce began accepting self-certification applications for the new EU-U.S. Privacy Shield Framework. In the month that has followed over 100 companies (including Microsoft, Oracle and Salesforce, among others) have self-certified that they are in compliance with the EU-U.S. Privacy Shield.
RESPONDING TO A DATA BREACH: WHAT TO EXPECT AND WHAT TO AVOID (APRIL 20, 2016): Verizon, Experian, and T-Mobile are on a growing list of entities impacted by major data breaches in the past year. But data breaches are not just limited to large national companies or organizations. No one is immune. For most organizations—big or … Continue reading
Cybersecurity of the electric power grid and energy sector as a whole has been the subject of heightened Congressional attention given the integral role the industry plays in our economy. According to a 2015 U.S. Senate committee report, nearly one-third of reported cyber-attacks involve the energy sector. Not surprisingly, the 114th Congress (2015-2016) has introduced … Continue reading
PRIVACY AND DATA BREACH: WHAT CAN COMPANIES EXPECT IN 2016? (MARCH 16, 2016, SPEAKERS – KARIN MCGINNIS, TODD TAYLOR): 2016 promises to bring significant developments and challenges in information privacy and data security. Congress and state legislatures are continuing to focus on new laws to protect personal information while at the same time minimize the impact of cybersecurity … Continue reading