On November 8, 2024, the California Privacy Protection Agency (CPPA) voted to advance proposed regulations concerning automated decisionmaking technology. While the comment period is ongoing and we do not have final rules, we are taking a look at some key provisions to help businesses begin to assess the potential effects of these rules if made

As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our most popular topics and posts from 2024.

Expanding State Privacy Laws

This year saw a further expansion of state comprehensive consumer data privacy laws. These legislative measures aim to enhance the

No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks. Perhaps the most significant reason these risks remain: third-party service providers or vendors.

For most businesses, particularly small to medium-sized businesses, service providers

On June 25, 2024, Rhode Island became the 20th state to enact a comprehensive consumer data protection law, the Rhode Island Data Transparency and Privacy Protection Act (“RIDTPPA”). The state joins Kentucky, Maryland, Minnesota, Nebraska, New Hampshire, and New Jersey in passing consumer data privacy laws this year.

The RIDTPPA takes effect on January

On May 24, 2024, Minnesota’s governor signed an omnibus bill, HF4757 which included the new Consumer Data Privacy Act. The state joins Kentucky, Nebraska, New Hampshire, New Jersey, and Rhode Island in passing consumer data privacy laws this year.

Minnesota’s law takes effect July 31, 2025, except that postsecondary institutions and nonprofit corporations governed by

In 2020, Daniel Anderl, the son of Federal Judge Esther Salas, was shot and killed by a man targeting the judge. It is believed the man found the judge’s home address online. In reaction to the murder, New Jersey enacted “Daniel’s Law” which prohibits the disclosure of the home address and unpublished telephone number of

Maryland’s governor recently signed the Maryland Online Data Privacy Act of 2024 (MODPA), making Maryland one of six states—along with Kentucky, Nebraska, New Hampshire, New Jersey, and Rhode Island—to pass a comprehensive privacy law this year.  Overall, 19 states (and counting) now have such laws on their books.  

Maryland’s law takes effect October 1

On June 11, 2024, the Consumer Financial Protection Bureau (CFPB) published a Notice of Proposed Rulemaking (NPRM) to amend Regulation V‒ which implements the Fair Credit Reporting Act (FCRA) ‒  limiting the inclusion of medical bills in consumer financial reports. This amendment, while providing significant benefits to Americans suffering significant medical debts, also may alter