On March 6, 2024, New Hampshire’s Governor signed Senate Bill 255, which establishes a consumer data privacy law for the state. The Granite State joins the myriad of state consumer data privacy laws. It is the second state in 2024 to pass a privacy law, following New Jersey. The law shall take effect
CCPA
Top 10 Blog Posts for the Workplace Privacy, Data Management & Security Report for 2023
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our Top 10 most popular topics from 2023.
- States Passing Comprehensive Privacy Laws
There was a landslide of comprehensive state privacy laws passed in 2023, from coast to coast. The laws are…
Data Protection Update: Q4 Noteworthy Dates
Cross Border Transfers of Data.
UK Data Transfers. The UK government has published a U.S. “adequacy decision” which permits U.S. organizations that have certified to the EU-US Data Privacy Framework (DPF) and UK Extension to receive personal data transferred from the UK to the U.S. after October 12, 2023.
China Data Transfers. November…
Cybersecurity Awareness Month Series: The California Consumer Privacy Act and Cybersecurity
There are numerous cybersecurity regulations and requirements for businesses to worry about but they may not be considering their cybersecurity regulations under privacy statutes. California was at the forefront of privacy regulations with the passage of the California Consumer Privacy Act (CCPA). Lawsuits under the CCPA began almost immediately after it was enacted in 2020.
CPPA Mulls Draft Cybersecurity Audit Regulations Under CPRA
When the California Privacy Rights Act (CPRA) was enacted, it created the California Privacy Protection Agency (CPPA) and delegated to the CPPA significant regulatory authority. One of the areas of that authority is cybersecurity, which includes performing cybersecurity audits annually. On September 8, 2023, the CPPA considered a draft set of regulations that would establish…
CCPA-Covered Businesses Be On the Look Out for a Letter from the California Attorney General
Though enforcement of the California Privacy Rights Act (CPRA) which amended the California Consumer Privacy Act (CCPA) has been paused for now, the State of California is not resting when it comes to compliance with the CCPA.
On July 14, 2023, California’s Attorney General announced an “investigative sweep” regarding compliance with the CCPA.
Data Protection Update: Q3 Noteworthy Dates
FTC Safeguards Law (and Car Dealerships)
June 9th marked the deadline for financial institutions, including certain non-banking institutions that collect or maintain sensitive customer information (e.g., car dealerships), to implement a comprehensive information security program to comply with the Federal Trade Commission’s updated Safeguards Rule. For additional information, see our post: Reminder: The …
Websites: A Growing Compliance Concern – CCPA, HIPAA, Accessibility, State Laws…(Updated)
Websites play a vital role for organizations. They facilitate communication with consumers, constituents, patients, employees, donors, and the general public. They project an organization’s image and promote goodwill, provide information about products and services and allow for their purchase. Websites also inform investors about performance, enable job seekers to view and apply for open positions,…
Data Protection Update: Q2 2023
As we round the corner into the second quarter of 2023, the following enforcement dates for new or amended state data protection laws are quickly approaching.
CPPA Starts Rulemaking on Cybersecurity, Risk Assessments, and Automated Decision-making
While the California Privacy Protection Agency (CPPA) only recently approved revised amended regulations pertaining to the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), it is already on to its next rulemaking.
On February 10, 2023, the CPPA issued an invitation for preliminary comments on proposed rulemaking pertaining to cybersecurity audits…