Some business leaders and HR professionals may be waking up this morning not realizing they must provide a “Notice at Collection” to some or all of their employees and applicants under the new California Consumer Privacy Act (CCPA). This is not surprising given the confusion during 2019 about whether this law would reach that far.
Personal Information, Private Information, Personally Identifiable Information…What’s the Difference?
When privacy geeks talk “privacy,” it is not uncommon for them to use certain terms interchangeably –personal data, personal information, personally identifiable information, private information, individually identifiable information, protected health information, or individually identifiable health information. They might even speak in acronyms – PI, PII, PHI, NPI, etc. Blurring those distinctions might be OK for
10 Steps for Tackling Data Privacy and Security Laws in 2020 for In-House Counsel and HR Pros
After years of data breaches, mass data collection, identity theft crimes, and failed attempts at broad-based federal legislation, 2020 may be the year that state privacy and data security legislation begins to take hold in the U.S. For example, the California Consumer Privacy Act (“CCPA”) and the New York Stop Hacks and Improve Electronic Data
CCPA Notice of Collection – Are You Collecting Geolocation Data, But Do Not Know It?
Businesses subject to the California Consumer Privacy Act (“CCPA”) are working diligently to comply with the law’s numerous mandates, although final regulatory guidance has yet to be issued. Many of these businesses are learning that AB25, passed in October, requires employees, applicants, and certain other California residents to be provided a notice of
Are shareholders considered “consumers” under the CCPA?
It’s hard to understate the range of issues the California Consumer Privacy Act (the “CCPA”) raises for covered businesses and their service providers. One of those issues involves the meaning of “consumer.” If you have been following CCPA developments, you know that at least for the first 12 months the CCPA is effective, the new
Maryland Again Amends its Data Breach Notification Law
In response to trends, heightened public awareness, and a string of large-scale data breaches, states continue to enhance their data breach notification laws. In 2017, Maryland amended its Personal Information Protection Act (PIPA) with expansion of the definition of personal information, modification of the definition of “breach of the security of the system,” establishing a
Professional Tax Preparers – You Need A Written Information Security Plan, Says the IRS and FTC
Tax season soon will soon be upon us and many not-so-eager taxpayers will share sensitive personal information about themselves, their dependents, their employees, and others with their trusted professional tax preparers for processing. What many of these preparers might not realize is that federal law and a growing number of state laws obligate them to
Illinois Leads the Way on AI Regulation in the Workplace
Illinois continues to lead the way in privacy and security legislation. The Prairie State is home to the Biometric Information Privacy Act, first of its kind legislation regulating the collection and possession of biometric information, and also the Personal Information Protection Act, considered one of the more expansive data breach notification laws in
CCPA Update: AG Announces Proposed Regulations, Governor Signs Amendments into Law
Lots of action for the California Consumer Privacy Act (CCPA) in the last few days! After much anticipation, on October 10th, 2019, California Attorney General Xavier Becerra (“the AG”) announced the Proposed Regulations for the CCPA. The next day, California Governor Gavin Newsom signed into law six amendments to the CCPA. Below is
Celebrate National Cybersecurity Awareness Month with CCPA FAQs!
October is National Cybersecurity Awareness Month (NCSAM)! NCSAM is an annual event designed by the U.S. Department of Homeland Security (DHS) and co-led by the Cybersecurity and Infrastructure Security Agency (CISA) and National Cybersecurity Alliance (NCSA). NCSAM is a collaborative effort by both government and industry leaders intended to enhance public awareness regarding cybersecurity .