On August 11, 2022, the Federal Trade Commission announced it is seeking public comment regarding its advance notice of proposed rulemaking on commercial surveillance and data security.
Continue Reading FTC Seeks Public Comment Regarding Data Privacy and Security Rulemaking
Information Security
NIST Publishes New Draft Guidance on HIPAA Security Rule
Posted on
On July 21, 2022, the National Institute of Standards and Technology released an updated draft of its HIPAA Security Rule guidance. …
Continue Reading NIST Publishes New Draft Guidance on HIPAA Security Rule
Google Delays Third-Party Cookie Phaseout Until 2024
Posted on
Posted in Information Security, Online Privacy
On July 27, 2022, Google announced that it is delaying its plans to phase out third-party cookies in the Chrome web browser.
Continue Reading Google Delays Third-Party Cookie Phaseout Until 2024
Russian Federation Passes Data Protection and Information Governance Reforms
Posted on
In July 2022, Maria Ostashenko from ALRUD Law Firm reports that the Russian Parliament passed, and the President of the Russian Federation signed into law, major reforms in data protection and information governance. The reforms include:
- Significant changes to Federal Law No. 152-FZ on Personal Data, including the scope of its application, new rules for
T-Mobile to Pay $500 Million to Settle Claims Related to 2021 Breach
Posted on
On July 22, 2022, T-Mobile entered into an agreement to settle a class action lawsuit stemming from its 2021 data breach. …
Continue Reading T-Mobile to Pay $500 Million to Settle Claims Related to 2021 Breach
Arizona Adds Breach Notification Obligation
Posted on
On July 22, 2022, companies are required to notify the Arizona Department of Homeland Security when they experience a data breach impacting more than 1,000 Arizona residents. …
Continue Reading Arizona Adds Breach Notification Obligation
NIH Confidentiality Certificates Add Layer of Privacy Protection Post-Dobbs
Posted on
Following the ruling in Dobbs, the National Institutes of Health’s certificates of confidentiality offer an important layer of privacy protection to reproductive health research data. …
Continue Reading NIH Confidentiality Certificates Add Layer of Privacy Protection Post-Dobbs
Florida Enacts Law Prohibiting State Agencies from Paying Cyber Ransoms
Posted on
On July 1, 2022, amendments to Florida’s State Cybersecurity Act took effect, imposing certain ransomware reporting obligations on state agencies, counties and municipalities and prohibiting those entities from paying cyber ransoms. …
Continue Reading Florida Enacts Law Prohibiting State Agencies from Paying Cyber Ransoms
Wegmans Agrees to Pay $400,000 Penalty After Cloud Security Lapse
Posted on
On June 30, 2022, the New York Office of the Attorney General announced a $400,000 agreement with Wegmans Food Markets, Inc. in connection with a cloud storage security issue. …
Continue Reading Wegmans Agrees to Pay $400,000 Penalty After Cloud Security Lapse
HHS Issues Post-Dobbs Guidance to Protect Patient Privacy
Posted on
On June 29, 2022, the U.S. Department of Health and Human Services issued two guidance documents to “help protect patients seeking reproductive health care, as well as their providers” following the Supreme Court’s decision in Dobbs vs. Jackson Women’s Health Organization. …
Continue Reading HHS Issues Post-Dobbs Guidance to Protect Patient Privacy