Our team provides in-depth coverage of major cybersecurity and data privacy changes, focused on the law, business, and technology. To see an index of all of our prior blog posts, please click on our Blog Index.

The New NIST Privacy Framework: What You Should Know

By Antonia Dumas, Associate at XPAN Law Group  I will not keep you on the edge of your seat waiting: the newly released National Institute of Standards and Technology (NIST) Privacy Framework does provide a tool, but that tool is part of a much larger (more complicated) puzzle.  As data privacy becomes a larger concern […]

NY SHIELD Act: Are you Ready?

Coming to New York in March 2020 is the Stop Hacks and Improve Electronic Data Security (SHIELD) Act. The SHIELD Act updates the approach to cybersecurity in New York, requiring proactive actions on the part of companies to protect personal data of New York residents. This means that the SHIELD Act, like a lot of […]

Blockchain and Data Protection Laws: Can they Co-Exist?

Blockchain is a buzzword in the technology community, promising to combine unforseen computing power with the corresponding ability to confirm accuracy and legitimacy of transactions. The most common example of blockchain to the common user is cryptocurrency, the most popular of which is Bitcoin (or, at least, one of the most well-known). But, the use […]

The Twelve Hacks of Christmas 🎵🎵

🎵🎵To be sung to the tune of, The Twelve Days of Christmas. 🎵🎵 On the first day of Christmas a hacker followed me (online), by using social engineering. On the second day of Christmas a hacker sent to me, 2 phishing emails. On the third day of Christmas the hackers turned out to be, 3 […]

Will The New Year and COPRA Bring Privacy Rights to All Consumers?

By Antonia Dumas, Consultant at XPAN Law Group LLC   As we look ahead to 2020, many are preparing for changes in the privacy and security legal landscape here in the United States. As cybersecurity breaches and unauthorized disclosures of data to third-parties has been on the rise, so has the concern for providing a stronger […]

Looking Ahead to 2020 in the US: Preparing for Changes in Privacy and Security

As we close out 2019, it is a good time to reflect on the numerous changes to the privacy and security legal landscape, while also preparing for what is to come in the new year. The short predictions:  the craziness of 2019 is going to continue for some time. Patchwork data privacy and cybersecurity requirements, […]

The EDPB Offers Guidelines for Lawful Basis of Processing Based on the Necessity for the Performance of a Contract

By Michael A. Shapiro, Esq., CIPP/US/E, attorney with XPAN Law Group Article 6 of the General Data Protection Regulation (GDPR) requires that processing must be “lawful” on the basis of six specified conditions set forth in Article 6(1)(a) to (f).   One of the basis for lawful processing is the “necess[ity] for the performance of a […]

Beware of Self-Imposed Requirements. Are You Meeting the Mark? 

By Antonia Dumas, Consultant at XPAN Law Group LLC We have made it clear time and time again that data privacy should be made a priority in your business – and many businesses are taking that advice and running with it. Good for you! But, beware of the high-standards and requirements you are setting up […]

Vendor Risk Management: Playing with Fire and Risking Getting Burned

In 2019, the global average cost of a data breach is $3.92 million; a 1.5 percent increase from the 2018 study. While it is impossible to predict exactly where and when a data breach will occur, the costs associated with the breach of personal data is one no organization can really afford. Over the past […]

The Call is Coming From Inside the House: Internal Privacy Breach Threats

This post is authored by Bridget Mead, a third-year student at Drexel University’s Thomas R. Kline School of Law. Ms. Mead is a legal-intern with the XPAN Law Group. While most may believe that the biggest threat to data privacy are dark web hackers who manage to break into the networks of major international organizations […]