August 18, 2021

Employee Deception Detection and Polygraph Tests

Learn how states regulate polygraph examination procedures by employers, including qualifications of polygraph examiners and voice stress analysts. While polygraph administration is regulated at the federal level under the Employee Polygraph Protection Act of 1988...
August 11, 2021

Notifying the Public of a Data Breach or Cyber Attack (GDPR Compliant)

This GDPR-compliant template can be published on an organization’s website or as a press release to let the public know about a data breach or cyberattack. There is no obligation under the EU General Data Protection Regulation (GDPR) to issue a public statement...
August 03, 2021

Navigating the Patchwork of State Data Privacy Laws

By David Giusti Senior Manager, LexisNexis® State Net ® The California Consumer Privacy Act (CCPA) sent chills up a lot of spines within corporate legal departments when it was adopted in 2018. This was the first comprehensive, consumer-facing data privacy...
August 04, 2021

New Key Facial Recognition Data Privacy Requirements in Washington State

This checklist describes key requirements imposed on state and local government entities in Washington State following the passage of the state's facial recognition statute, SB 6280. Rev. Code Wash. (ARCW) Title 43, Ch. 43.386. This statute, effective as of...
July 29, 2021

Insurance Week: Tougher Cyber Policies, Natural Disaster Losses, Rising FL Property Claims, AIG

Cyber Insurers Toughening Policy Requirements : Cyber policies are relatively new to the insurance business. But over the past decade the cyber insurance sector has taken off, with premiums more than doubling between 2015 and 2019 , from $1.4 billion to $3.1...
July 29, 2021

Tech Week in Review: CA Broadband, Reporting Cyberattacks, Antitrust, Surveillance, Apple’s Remote Work, Netflix Gaming

CA to Spend $6B on Broadband: California Gov. Gavin Newsom (D) signed a bill ( SB 156 ) last week committing the state to spending $6 billion over the next three years on expanding broadband access, particularly in underserved and rural communities. Over half...
July 28, 2021

New Virginia Consumer Data Protection Act: Scope and Applicability

Virginia recently enacted the Virginia Consumer Data Protection Act (VCDPA), which becomes effective January 1, 2023. The VCDPR gives Virginia consumers the right to access, correct, and delete personal information collected or processed by businesses and the right...
July 21, 2021

CAN-SPAM Act Compliance Best Practices

This comprehensive practice note addresses best practices for complying with the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act), including what types of messages are considered “commercial” and thus subject...
July 15, 2021

Insurance Week: Ransomware Payouts, Wildfire Season, Windstorms, Safety Inspections

Will Cyber Insurers Stop Reimbursing for Ransomware Payouts?: For a while now the prevailing wisdom in the cyber insurance industry has been that victims should just pay off the hackers and seek reimbursement from their insurer because it’s just less costly...
July 14, 2021

Drafting a GDPR-Compliant Data Breach Response Plan

This data breach response plan can be used by companies to inform their employees of the actions to take on discovering a personal data breach (including a cybersecurity breach). This form reflects reporting requirements under the General Data Protection Regulation...
July 07, 2021

Drafting an Effective Written Information Security Plan

This Written Information Security Plan provides a company-wide framework for protecting the security and privacy of information received or generated by a company and/or stored in company systems. READ NOW » Related Content Privacy and Data Security...
June 30, 2021

Protecting Personal Information in Public Records

Use this state law survey to learn how each state addresses protecting personally identifiable information (PII) that can be accessed from government records. This document provides an overview of each state’s laws regarding general protections of PII, protection...
June 22, 2021

Cloud Computing Data Protection Considerations

Access this checklist for an overview of key data protection issues to consider in cloud computing contracts. Cloud computing involves accessing a provider’s software and infrastructure remotely, and often includes storing the customer’s data with that...
June 15, 2021

Privacy and Data Security in Outsourcing

Access this practice note to learn about key privacy and data security issues in outsourcing. Outsourcing frequently results in a company’s data being stored outside of the company’s firewalls, often in systems managed by the outsourcing provider. Outsourcing...
June 10, 2021

Key Cybersecurity Risk Management Considerations When Building a Corporate Legal Department

By: Chad Perlov Businesses around the world are fighting a common battle against an exponentially growing wave of cybersecurity threats. In fact, 87% of organizations have already experienced an attempted exploit of an existing vulnerability, according to a recent...