cybersecurity

Subscribe to cybersecurity
Health-law-Privacy

As reported in a June 3, 2022 press release from the House Committee on Energy and Commerce, U.S. Representatives Frank Pallone, Cathy McMorris Rodgers, and Senator Roger Wicker released a “discussion draft” of a federal data privacy bill entitled the “American Data Privacy and Protection Act” (the “Draft Bill”), which would impact the data privacy and cybersecurity practices of virtually every business and not-for-profit organization in the United States.

As further described below, the Draft Bill’s highlights include: (i) a comprehensive nationwide data privacy framework; (ii) preemption of state data privacy laws, with some exceptions; (iii) a private right of action after four (4) years, subject to the individual’s prior notice to the Federal Trade Commission (“FTC”) and applicable state attorney general before commencement of lawsuit; (iv) exemptions for covered entities that are in compliance with other federal privacy regimes such as the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) and Gramm-Leach Bliley Act (“GLBA”) solely with respect to data covered by those statutes; (v) exclusions from Act’s requirements for certain “employee data”; and (vi) a requirement for implementation of reasonable administrative, technical and physical safeguards to protect covered data. The Draft Bill would be enforced by the FTC, and violations treated as unfair or deceptive trade practices under the Federal Trade Commission Act, as well as by state attorneys general.

Continue Reading A Recently-Released “Discussion Draft” of the “American Data Privacy and Protection Act” Provides Insight into Recent Bipartisan Efforts to Pass Nationwide Privacy Law

ww-220301-1280x720

As featured in #WorkforceWednesday:  This week, we look at H.R. 4445, new federal legislation that addresses mandatory arbitration of sexual assault and harassment claims.

Continue Reading Video: New Law on Arbitration of Sexual Harassment Claims, Cyber War Ramps Up, Salaried Nonexempt Status – Employment Law This Week

ELTW_EP244-1280x720

As featured in #WorkforceWednesday:  This week, we focus on new developments increasing whistleblower protections across the country and prohibiting mandatory arbitration of sexual assault and harassment claims.

Continue Reading Video: Whistleblower Regulations Increasing, #MeToo Bill Passes, Cyberfraud Risk Mitigation – Employment Law This Week

Recent data thefts and systems intrusions, particularly with respect to ransomware, have assured that cybersecurity is top of mind for corporate executives and compliance officials. We at EBG have tried to keep you up to date with respect to legislative, regulatory and litigation developments and recommended best practices and procedures.

As we close out the year, we all should remain mindful that cyber criminals, especially those who are supported or protected by foreign adversaries, have little incentive to rest up during the holidays.

Continue Reading Best Practices to Protect Against Increased Cyber Threats During the Holiday Season

Login,And,Password,,Cyber,Security,Concept,,Data,Protection,And,Secured

A recently discovered security vulnerability potentially affecting at least 100 million Internet of Things (“IoT”) devices[1] highlights the importance of the newly enacted IoT Cybersecurity Improvement Act of 2020 (the “IoT Act”). Researchers at the security firms Forescout Research Labs and JSOF Research Labs have jointly published a report detailing a security vulnerability known

Enacted on December 4, 2020, the Internet of Things Cybersecurity Improvement Act of 2020 (the “IoT Act”) is expected to dramatically improve the cybersecurity of the ubiquitous IoT devices.[1] With IoT devices on track to exceed 21.5 billion by 2025, the IoT Act mandates cybersecurity standards and guidelines for the acquisition and use by

Cybersecurity-data-protection-shutterstock_302508602

In our previous blog, we featured the California Privacy Rights Act’s Enhanced Cybersecurity Safeguards.[1] We now highlight significant privacy safeguards under the California Privacy Rights Act (“CPRA”) that will require advance planning in preparation for its January 1, 2023 effective date.[2] These new requirements will impact the collection and use of personal

shutterstock_720952210

The California Privacy Rights Act (“CPRA”) leaps forward on cybersecurity by amending the California Consumer Privacy Act (“CCPA”) to impose enhanced protections. The CPRA enhancements apply to “for profit” companies and other organizations: (a) with more than $25 million in gross revenues in the preceding calendar year, or (b) that annually buy, sell or share

New York attorneys could soon have to complete cybersecurity training courses to satisfy their continuing legal education (“CLE”) requirement. The House of Delegates of the New York State Bar Association (“NYSBA”) has approved a report proposing that NYSBA’s Executive Committee recommend to the New York State Continuing Legal Education Board that the biennial CLE requirement