On June 7, 2023, Connecticut’s Governor signed Senate Bill (SB) 1103, which enacted regulations regarding artificial intelligence, automated decision-making, and personal data privacy. The law sets several requirements for state agencies’ development and use of automated systems for critical decisions, including the designation of an artificial intelligence officer under the Office of Policy and
Connecticut
Connecticut Adds Protections for Health Data and Minors to Privacy Law
On June 26, 2023, the Governor of Connecticut signed Senate Bill (SB) 3 which set forth new requirements related to consumer health data and protections for minors online.
As Connecticut’s comprehensive consumer privacy law took effect on July 1, 2023, the state has expanded privacy requirements under SB 3. Similar to Washington and Nevada…
Data Protection Update: Q3 Noteworthy Dates
FTC Safeguards Law (and Car Dealerships)
June 9th marked the deadline for financial institutions, including certain non-banking institutions that collect or maintain sensitive customer information (e.g., car dealerships), to implement a comprehensive information security program to comply with the Federal Trade Commission’s updated Safeguards Rule. For additional information, see our post: Reminder: The …
Texas Tightens State’s Data Breach Notification Law
On May 27, 2023, Texas’ Governor signed Senate Bill 768 amending Texas’ data breach notification law. The law in question, Section 521.053 of the Texas Business and Commerce Code, sets out the specific requirements any person conducting business in the state who owns or licenses sensitive personal information in a computerized format must follow in…
Top 10 Blog Posts for the Workplace Privacy, Data Management & Security Report for 2022
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our Top 10 most popular posts of 2022:
1. California Consumer Privacy Act FAQs: Employment Information
As the California Privacy Rights Act moves toward taking effect and exceptions applying to employment-related data…
Don’t Forget About Other Data Laws When It Comes to Connecticut Privacy Requirements
While the federal government attempts to move forward with a more uniform national law, Connecticut joined California, Colorado, Utah, and Virginia in passing a comprehensive consumer privacy law.
The legislation signed by Connecticut’s governor in May 2022, will take effect on July 1, 2023. However, provisions related to a task…
Connecticut Likely to Become Fifth State to Enact Comprehensive Consumer Privacy Law
When the California Consumer Privacy Act of 2018 (CCPA) became law, it was only a matter of time before other states adopted their own statutes intending to enhance privacy rights and consumer protection for their residents. After overwhelming support in the state legislature, Connecticut is about to become the fifth state with a comprehensive privacy…
Connecticut Enacts Safe Harbor from Punitive Damages in Data Breach Cases
Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from assessing punitive damages in data breach litigation against a covered defendant that created, maintained, and complied with…
Connecticut on its Way to an Enhanced Data Breach Notification Law
UPDATE: On June 16, Gov. Ned Lamont signed HB 5310 into law which becomes effective October 1, 2021.
State legislatures across the nation are prioritizing privacy and security matters, and Connecticut is no exception. This week, Connecticut Attorney General William Tong announced the passage of An Act Concerning Data Privacy Breaches, a measure that…
The Inexplicit Requirement and Definitive Necessity for Employers to Implement Privacy Policies
In the face of seemingly daily news reports of company data breaches and the mounting legislative concern and efforts on both the state and federal level to enact laws safeguarding personal information maintained by companies, employers should be questioning whether they should implement privacy policies to address the protection of personal information they maintain on…