Effective October 1, 2021, Connecticut becomes the third state with a data breach litigation “safe harbor” law (Public Act No. 21-119), joining Utah and Ohio. In short, the Connecticut law prohibits courts in the state from assessing punitive damages in data breach litigation against a covered defendant that created, maintained, and complied with

A proposal by Indiana’s Attorney General Curtis Hill on Wednesday would add a significant step in the incident response process for responding to breaches of security affecting Indiana residents. On Wednesday, during a U.S. Chamber of Commerce virtual event, he announced his proposed rule designed to better protect Hoosiers from cyberattacks. It is expected that

Last month, the European Union and U.S. officials announced final approval of the EU-U.S. Privacy Shield (Privacy Shield), replacing the Safe Harbor which was invalidated by the Court of Justice of the European Union in October 2015.  Like it predecessor, the Privacy Shield will allow organizations based in the United States to self-certify compliance with

Earlier today the European Union and U.S. officials announced the final approval of the EU-U.S. Privacy Shield data transfer agreement (“the Privacy Shield”).  Beginning August 1, 2016, organizations based in the U.S. will be able to self-certify their compliance with the Privacy Shield.

The Privacy Shield is meant to replace the EU-U.S. Safe Harbour agreement

Earlier today, the European Commission (the Commission) issued a draft “adequacy decision” as well as the texts that will constitute the EU-U.S. Privacy Shield (the Privacy Shield). This includes the Privacy Shield Principles companies have to abide by, as well as written commitments by the U.S. Government on the enforcement of the arrangement,

US.EUCompliance and privacy officials all over the U.S. just let out a breath they had been holding since last October when the European Court of Justice invalidated the US/EU Safe Harbor Program. BNA is reporting that negotiators just reached an agreement on a new data transfer framework between the U.S. and the European Union. Details

The folks over at Politico are reporting that the Senate Judiciary Committee struck a deal Wednesday night regarding the Judicial Redress Act. The committee adopted Senator John Cornyn’s amendment that ties the bill’s privacy protections to the proposed new Safe Harbor Agreement being negotiated between the U.S. and the EU. The Judicial Redress Bill attempts

Since it was enacted in 2008, plaintiffs suing under the Genetic Information Nondiscrimination Act ("GINA"), 42 U.S.C. Section 2000ff et seq., have not had much success. Most cases have been dismissed at an early stage.  As reported on our Disability, Leave and Health Management Blog, however, this summer the U.S. Equal Employment Opportunity Commission ("EEOC") burst on the scene