Save significant time by adapting this recently updated template to your business's personal information practices. This CCPA/CPRA-compliant policy includes guidance, drafting notes, and optional and alternate clauses. Read now » Related Content ...
An organization can incur staggering costs by failing to plan for a nearly inevitable network intrusion. Proper preparation for cyber incidents can significantly reduce losses by lowering the cost of a data breach, reducing the risk of litigation, and minimizing...
Companies that process biometric information can adapt this new template, including practical guidance, drafting notes, and optional and alternate clauses, to comply with the Illinois Biometric Information Privacy Act, the Texas Capture or Use of Biometric Identifiers...
Federal courts in data breach litigation have rejected assertions of privilege and ordered the production of forensic reports. In this new video, Squire Patton Boggs partner Kristin Bryan discusses four important takeaways from these cases suggesting certain basic...
Catch up on state student privacy laws when you explore the Student Privacy Requirements topic in our Data Security & Privacy State Law Comparison Tool . Coverage includes entities and students covered, key definitions, notice and consent requirements, service...
Covered organizations can adapt this notice to comply with the California Consumer Privacy Act, as amended by the California Privacy Rights Act (CCPA/CPRA), Cal Civ Code § 1798.100 et seq., by providing consumers with notice describing the personal information...
Data privacy, long a focus of state lawmakers across the country, is poised to enter a new space: your brain. Elon Musk has been making headlines for years now with his company Neuralink , which seeks to someday combine human consciousness with artificial intelligence...
Review types of threat actors, how they gain access to your network, special types of intrusions (such as insider threats, email compromise, and supply chain compromise), and the steps you should take in responding to a data security incident. Read now »...
Make sure you’re aware of the popular techniques used by threat actors to obtain access to a network or execute these compromises. This practice note reviews the major types of end user attacks that may be executed against your network, ways to detect attacks...
Version 4.0 of the Payment Card Industry Data Security Standards (PCI DSS) was introduced in March 2022 subject to a 24–month transitional period from PCI DSS v3.2.1, that ended on March 31, 2024. Learn about the key changes here. Read now » Related...
Several states have proposed bills, enacted health data privacy laws, or amended existing privacy laws to protect "consumer health data." Some characteristics of these new state health privacy laws raise interesting questions and could create difficult...
Under the Corporate Transparency Act (CTA), U.S. and foreign companies authorized to do business in the United States are responsible for compliance with state, federal, or foreign data privacy and cybersecurity laws—and for ensuring that their service providers...
It is more important than ever for businesses to have a clear understanding of whether their current policies cover cyber incidents and, if so, to what extent. Find out what your organization can do to make it more attractive to insurers. Read now » Related...
There are new developments impacting the settlement of data breach class actions, including recent class certification decisions, claims rates and notices, aggregators and artificial intelligence, attorneys’ fees, and residual settlement funds. Find out more...
The California Privacy Protection Agency (CPPA) launched the formal rulemaking process on July 5, 2024, by seeking public comment on proposed regulations for data broker registration mandated by Senate Bill 362, also known as the Delete Act. The CPPA’s proposed...