Where are we now? Six Months Into the GDPR

On May 25, 2018, the European Union’s General Data Protection Regulation (“GDPR”) went into effect, and largely took the corporate world by surprise. In the ensuing six-plus months, the negative speculation on the impact of the GDPR has run rampant: it will destroy innovation, companies will be put out of business with extraordinary fines — […]

Rebecca Rakoski Periodical on Privacy in 2018 for Policy & Medicine’s Compliance Update

Rebecca L. Rakoski, Esq.’s periodical, ‘A Modern Renaissance Privacy in 2018 and Its Continuing Domestic Evolution,’ has been published in Policy & Medicine‘s Compliance Update.  Below is an excerpt from the article… These days, it seems that nearly every evolved country in the world recently passed a piece of sweeping privacy regulation. In a global […]

‘Tis the Season…for Cyber Attacks

‘Twas the night before Christmas when all through the halls Hackers were vishing through numerous calls The President in panic, the CEO in distress Everyone knew this situation was a giant mess When from the CISO there arose such a clatter All employees were watching to see what was the matter And what to their […]

While everyone is waiting for California’s Data Protection law to come, another “C”-state has already enacted its law: Welcome to Colorado!

By Carolin Brucker Cabe, an Associate at XPAN Law Group, LLC. While everyone who is remotely familiar with data protection and privacy laws and regulations has probably come across the abbreviation “CCPA” (or “CaCPA”) by now and automatically thinks of California, the abbreviation very well could point to another state, which has enacted one of […]

Dittman v. UPMC and the Duty of Care to Secure Employee Data

The security and privacy legal landscape drastically shifted in the past month, with the Pennsylvania Supreme Court issuing its opinion in Dittman v. UPMC, __ A.3d __, No. 43 WAP 2017, 2018 WL 6072199 (Pa. 2018). The facts in this case that form the basis of the Court’s opinion will resonate with every business: plaintiffs […]

An Official Federal Cybersecurity Agency – Will This Provide The Protection That Small Businesses Need?

By Antonia Dumas, an Associate at XPAN Law Group. Regarding the newly signed Cybersecurity and Infrastructure Security Agency Act of 2018, I came across an article that proclaimed: “The US now has an official federal cybersecurity agency.” And yes, technically this is an accurate proclamation because this Act did create an official federal level cybersecurity […]

A Brief Overview of the EDPB’s Provisional Guidelines on Art. 3 of the GDPR

On November 16, 2018, the European Data Protection Board (“EDPB”) adopted Guidelines 3/2018 on the territorial scope of the GDPR, soliciting public consultation through January 18, 2019. These are not final, but are providing some key guidance on the jurisdictional reach of the GDPR, a critical aspect for many entities. Article 3 of the GDPR […]

Scammers are Grateful to Oversharers

A few months back, we posted a blog entitled “Privacy is the New Black”. In that blog, we discussed the way our world is starting to view privacy differently and that protecting data privacy has become the new “hot thing”, or is at least dominating more and more of the conversation. We frequently focus on […]

Show Me the Money: How the CCPA Applies to GLBA-Regulated Entities

This post is authored by Kacey Jennings, a second-year law student at Villanova University’s Charles Widger School of Law. Ms. Jennings is a legal-intern with the XPAN Law Group. At first blush, the language in the most comprehensive piece of data privacy legislation in any US state to date — the California Consumer Privacy Act […]

Privacy in US Elections: When An Absentee Ballot Requires You to Publicly Divulge Information

The much-anticipated mid-term elections are finally upon us. If you have any hesitations about exercising your right to vote, here is your friendly (and forceful) reminder to go vote! If this is a surprise to you that it is Election Day, do your research and still go vote! Ok, now we can move past the […]