Blog

Blog

Our team provides in-depth coverage of major cybersecurity and data privacy changes, focused on the law, business, and technology. To see an index of all of our prior blog posts, please click on our Blog Index.

Cybersecurity Enforcement Is Coming & NY Has Set The Stage With Its First NY DFS Case

By Antonia Dumas, Associate at XPAN Law Group, LLC  With California’s Attorney General’s first steps towards enforcement of the CCPA, data privacy enforcement is a hot topic. However, we should not forget the other side of the coin, cybersecurity enforcement. Just as there has been a rise in data privacy regulatory activity and discussions, there […]

Massachusetts & the Written Information Security Policy (WISP) Requirements: Updating Your WISP to Reflect the New “Normal” of Work

By Michael Simon Are your employees coming back to the office?  Then it’s time to update your written information security policy (WISP).  Since 2010, Massachusetts Mass. Gen. L. 93H has required organizations that collect “Personal Information” to implement a comprehensive written information security policy (WISP).  Massachusetts amended chapter 93H effective April 11, 2019 to reaffirm […]

The CJEU disrupts International Data Transfers, Again

The Court of Justice of the European Union (“ECJ”) released its much anticipated decision on July 16, 2020 regarding the transfer of personal data from the European Union (“EU”) to the United States (“US”). The full decision can be found here; and the ECJ press release can be located here.  The two main holdings of […]

Global privacy in a crisis: The challenge of addressing regional privacy laws & COVID-19

This article was originally published on Thomson Reuters Westlaw on June 27, 2020, citation 2020 WL 3486582. Republished with permission. A full copy of the original post can be found here and a copy of the PDF is available here. By Jordan L. Fischer, Esq. In the last two decades, the evolution of technology, the […]

In the Cannabis Industry, Profitability and Data Privacy/Security go Hand-in-Hand

Reprinted with permission from the July 1, 2020, issue of the New Jersey Law Journal. Further duplication without permission is prohibited. All rights reserved. © 2020 ALM Media Properties, LLC. A fully copy of the article is available here. * * * * * * By Rebecca Rakoski, Esq. No longer operating in the margins, the […]

A Continued Increase in Data Breaches Requires Proactive Privacy Compliance

By Antonia Dumas, Associate at XPAN Law Group LLC  A data breach equates to data security and privacy compliance targets. The easiest way for regulators or authorities to make a business a target for enforcement is a data breach (see our previous blog post about data breaches bringing you in front of regulatory eye).  A […]

Understanding the AG’s Role in Consumer Data Protection

By Antonia Dumas, Esq. Two trends are rapidly changing the legal liabilities of data privacy and cybersecurity: (1) private rights of action and (2) Attorney General enforcement actions. Many states are providing increasing ability for both the Attorneys General and individuals to enforce newly adopted privacy requirements. And, these methods of holding a company liable […]

Maintaining Your Data Breach Investigation Report as Privileged

Michael Simon A critical component of any major data breach or incident response is retaining an expert consultant to investigate, remediate and recommend changes to prevent reoccurrence of the breach or incident. Companies and their outside counsel rely on these  experts to report on when the intrusion occurred, how it happened, what safeguards were in […]

CCPA Countdown: Are Your Employees Trained and Ready?

Cybersecurity and data privacy compliance is a journey: not an out-of-box, set-it-and-forget-it solution. It needs to be built to organically fit within an organization and consistently reviewed and revised as the business changes and evolves.  And with the California Consumer Privacy Act of 2018 (“CCPA”), this approach is especially relevant. The CCPA regulatory journey started […]

Data Privacy and Security Starts At Design

By Michael Simon In the last few months, Zoom made headlines with privacy and security concerns while at the same time dealing with a massive increase in users (see our prior post on Zoom here).  The privacy and security issues faced by Zoom have led to a loss of confidence in the application by consumers […]