Employee security awareness training is a best practice and a “reasonable safeguard” for protecting the privacy and security of an organization’s sensitive data. The list of data privacy and cybersecurity laws mandating employee data protection training continues to grow and now includes the EU AI Act. The following list is a high-level sample of employee
Gramm-Leach-Bliley
Reminder: The FTC “Safeguards Rule” Compliance Date is Next Month
The Federal Trade Commission updated its “Standards for Safeguarding Customer Information” (“Safeguards Rule”) and extended the compliance deadline to June 9, 2023. Some entities still may be wondering – “Do these regulations apply to my business?” and “What do I have to do?”
Back in 2021, we provided a high-level summary of the Safeguards Rule…
10 Steps for Tackling Data Privacy and Security Laws in 2020 for In-House Counsel and HR Pros
After years of data breaches, mass data collection, identity theft crimes, and failed attempts at broad-based federal legislation, 2020 may be the year that state privacy and data security legislation begins to take hold in the U.S. For example, the California Consumer Privacy Act (“CCPA”) and the New York Stop Hacks and Improve Electronic Data…
Professional Tax Preparers – You Need A Written Information Security Plan, Says the IRS and FTC
Tax season will soon be upon us and many not-so-eager taxpayers will share sensitive personal information about themselves, their dependents, their employees, and others with their trusted professional tax preparers for processing. What many of these preparers might not realize is that federal law and a growing number of state laws obligate them to…
Happy Holidays Financial Institutions, Less Privacy Paperwork in the New Year
It seems the White House and Congress can agree on at least one thing—financial institutions are over-burdened by current privacy notice rules. In a move that is hoped to save financial institutions significant costs on postage, printing and administrative resources, on Friday, December 4, 2015, President Obama signed the Fixing America’s Surface Transportation Act (the…
Best Practices For Gramm-Leach-Bliley Compliance
The U.S. Commodity Futures Trading Commission (Commission) issued a Staff Advisory on best practices for financial institutions that must comply with the Gramm-Leach-Bliley Act (GLBA) provisions on data security and customer privacy.
GLBA was enacted to ensure that financial institutions respect the privacy of their customers and protect the security and confidentiality of nonpublic personal information. …