Rebecca Rakoski Periodical on Privacy in 2018 for Policy & Medicine’s Compliance Update

Rebecca L. Rakoski, Esq.’s periodical, ‘A Modern Renaissance Privacy in 2018 and Its Continuing Domestic Evolution,’ has been published in Policy & Medicine‘s Compliance Update.  Below is an excerpt from the article… These days, it seems that nearly every evolved country in the world recently passed a piece of sweeping privacy regulation. In a global […]

‘Tis the Season…for Cyber Attacks

‘Twas the night before Christmas when all through the halls Hackers were vishing through numerous calls The President in panic, the CEO in distress Everyone knew this situation was a giant mess When from the CISO there arose such a clatter All employees were watching to see what was the matter And what to their […]

While everyone is waiting for California’s Data Protection law to come, another “C”-state has already enacted its law: Welcome to Colorado!

By Carolin Brucker Cabe, an Associate at XPAN Law Group, LLC. While everyone who is remotely familiar with data protection and privacy laws and regulations has probably come across the abbreviation “CCPA” (or “CaCPA”) by now and automatically thinks of California, the abbreviation very well could point to another state, which has enacted one of […]

Dittman v. UPMC and the Duty of Care to Secure Employee Data

The security and privacy legal landscape drastically shifted in the past month, with the Pennsylvania Supreme Court issuing its opinion in Dittman v. UPMC, __ A.3d __, No. 43 WAP 2017, 2018 WL 6072199 (Pa. 2018). The facts in this case that form the basis of the Court’s opinion will resonate with every business: plaintiffs […]

Scammers are Grateful to Oversharers

A few months back, we posted a blog entitled “Privacy is the New Black”. In that blog, we discussed the way our world is starting to view privacy differently and that protecting data privacy has become the new “hot thing”, or is at least dominating more and more of the conversation. We frequently focus on […]

Show Me the Money: How the CCPA Applies to GLBA-Regulated Entities

This post is authored by Kacey Jennings, a second-year law student at Villanova University’s Charles Widger School of Law. Ms. Jennings is a legal-intern with the XPAN Law Group. At first blush, the language in the most comprehensive piece of data privacy legislation in any US state to date — the California Consumer Privacy Act […]

Privacy in US Elections: When An Absentee Ballot Requires You to Publicly Divulge Information

The much-anticipated mid-term elections are finally upon us. If you have any hesitations about exercising your right to vote, here is your friendly (and forceful) reminder to go vote! If this is a surprise to you that it is Election Day, do your research and still go vote! Ok, now we can move past the […]

Healthcare Industry Needs to Get Back to Basics

Cybersecurity breaches and incidents are starting to feel like Groundhogs Day. Who do we have today? None other than, with the Washington Post recently reporting that was hacked compromising approximately 75,000 individual’s private information. is the system through which individuals can obtain healthcare coverage under the Affordable Care Act. As of 2018, […]

First Step of Data Privacy Compliance: Understanding Your Data

By Antonia Dumas, an Associate at XPAN Law Group. If you have been following our blog, we hope you know (and agree) that that data privacy is a priority. The next question is: what can you do for your company? You have recognized the importance of addressing data privacy issues and having been introduced to […]

Your Motherboard: Did Bloomberg Businessweek Cry Wolf About Tech Giants’ Supply Chains?

This post is authored by Kacey Jennings, a second-year law student at Villanova University’s Charles Widger School of Law. Ms. Jennings is a legal-intern with the XPAN Law Group. China has allegedly used tiny microchips to hack the most valuable publicly traded company in the world. No, this is not a description of a one-star […]