Workplace Privacy, Data Management & Security Report

Are shareholders considered “consumers” under the CCPA?

December 11, 2019

It’s hard to understate the range of issues the California Consumer Privacy Act (the “CCPA”) raises for covered businesses and their service providers. One of those issues involves the meaning of “consumer.” If you have been following CCPA developments, you know that at least for the first 12 months the CCPA is effective, the new law will, to a limited extent, apply to personal information of certain employees, applicants, and contractors. See AB 25.…

Workplace Privacy, Data Management & Security Report

Maryland Again Amends its Data Breach Notification Law

By Joseph J. Lazzarotti & Maya Atrakchi

December 9, 2019

In response to trends, heightened public awareness, and a string of large-scale data breaches, states continue to enhance their data breach notification laws. In 2017, Maryland amended its Personal Information Protection Act (PIPA) with expansion of the definition of personal information, modification of the definition of “breach of the security of the system,” establishing a 45-day timeframe for notification, and expansion of the class of information subject to Maryland’s data destruction laws. Now, Maryland has again…

Workplace Privacy, Data Management & Security Report

Professional Tax Preparers – You Need A Written Information Security Plan, Says the IRS and FTC

By Joseph J. Lazzarotti

December 6, 2019

Tax season soon will soon be upon us and many not-so-eager taxpayers will share sensitive personal information about themselves, their dependents, their employees, and others with their trusted professional tax preparers for processing. What many of these preparers might not realize is that federal law and a growing number of state laws obligate them to have safeguards in place to protect sensitive taxpayer data. This can be overwhelming, especially considering tax preparers are already tasked…

Workplace Privacy, Data Management & Security Report

EU’s High Court Issues Important Opinion on Website Cookie Consent

By Mary T. Costigan & Maya Atrakchi

November 22, 2019

Several weeks ago, we published a CCPA FAQS on Cookies, which provides a high-level look at how the impending CCPA may apply to website cookies. The CCPA’s definition of personal information is expansive, and in preparation for the CCPA it is easy to overlook certain elements of personal information, in particular website cookies. A cookie is a small text file that a website places on a user’s computer (including smartphones, tablets or other connected…

Workplace Privacy, Data Management & Security Report

Massachusetts Governor Announces Cybersecurity Program

By Michael R. Bertoncini

November 15, 2019

State and local governments have increasingly become targets of cybersecurity attacks. This year cybersecurity attacks on Baltimore and Lincoln County, North Carolina reportedly will cost those government entities $18.2 million and as much as $400,000, respectively to recover from the attacks. Last year, Atlanta spent more than $7 million to recover from a ransomware attack. A report by cybersecurity firm Coveware shows that governments paid almost 10 times as much money on average in ransom…

Workplace Privacy, Data Management & Security Report

Disclosure of State Employees’ Birthdates Not Protected Per Washington Supreme Court

By Jeffrey M. Schlossberg

November 13, 2019

The Washington State Supreme Court ruled recently that state employees’ birthdates associated with their names are not exempt from disclosure pursuant to a freedom of information records request. In so holding, the Court strictly construed the applicable statute that did not expressly exempt birthdates from disclosure. Wash. Pub. Emps. Assn. v. State Ctr for Childhood Deafness & Hearing Loss. Private and public entities across the country that respond to countless requests for information may…

Workplace Privacy, Data Management & Security Report

US Senate Bill Passes, Seeking to Establish “Cyber Hunt and Incident Response Teams”

By Frank J. Fanshawe

November 11, 2019

focused-junior-high-girl-student-using-computer-in-computer-lab-picture-id1135567316

More than 500 United States schools (connected with 54 different education entities such as school districts and colleges) have been infected with ransomware during the first nine months of 2019, according to a recent report by cybersecurity firm Armor, making the education sector one of the leading ransomware targets, following only municipalities as the top ransomware target. We recently noted in this blog the NYS Education Department’s efforts to combat cyber threats against schools.…

Workplace Privacy, Data Management & Security Report

Illinois Leads the Way on AI Regulation in the Workplace

By Joseph J. Lazzarotti & Maya Atrakchi

October 24, 2019

Illinois continues to lead the way in privacy and security legislation. The Prairie State is home to the Biometric Information Privacy Act, first of its kind legislation regulating the collection and possession of biometric information, and also the Personal Information Protection Act, considered one of the more expansive data breach notification laws in the nation. And now, in what has been described as “the momentous legislative session in decades”, the Illinois…

Workplace Privacy, Data Management & Security Report

California Updates its Data Breach Notification Law

By Jerel Pacis Agatep

October 18, 2019

On February 21, 2019, California Attorney General Xavier Becerra and Assemblymember Marc Levine (D-San Rafael) announced Assembly Bill 1130 which intended to strengthen and expand California’s existing data breach notification law. On September 11, 2019, the bill passed both houses of the legislature and was presented to Governor Gavin Newsom. Last Friday, October 11, 2019, the Governor signed AB 1130, together with 6 additional California Consumer Privacy Act of 2018 (“CCPA”) related bills into …

Workplace Privacy, Data Management & Security Report

CCPA Update: AG Announces Proposed Regulations, Governor Signs Amendments into Law

By Joseph J. Lazzarotti, Jason C. Gavejian & Maya Atrakchi

October 14, 2019

Lots of action for the California Consumer Privacy Act (CCPA) in the last few days! After much anticipation, on October 10th, 2019, California Attorney General Xavier Becerra (“the AG”) announced the Proposed Regulations for the CCPA. The next day, California Governor Gavin Newsom signed into law six amendments to the CCPA. Below is a summary of key aspects of the AG’s Proposed Regulations and the Governor signed amendments. AG Becerra’s Proposed Regulations The CCPA requires…

Workplace Privacy, Data Management & Security Report

Blog Authors

Are shareholders considered “consumers” under the CCPA?

Maryland Again Amends its Data Breach Notification Law

Professional Tax Preparers – You Need A Written Information Security Plan, Says the IRS and FTC

EU’s High Court Issues Important Opinion on Website Cookie Consent

Massachusetts Governor Announces Cybersecurity Program

Disclosure of State Employees’ Birthdates Not Protected Per Washington Supreme Court

US Senate Bill Passes, Seeking to Establish “Cyber Hunt and Incident Response Teams”

Illinois Leads the Way on AI Regulation in the Workplace

California Updates its Data Breach Notification Law

CCPA Update: AG Announces Proposed Regulations, Governor Signs Amendments into Law

Stay Connected

Company

Support

New to the Network

Blog Authors

Latest from Workplace Privacy, Data Management & Security Report