On April 13, 2020, the New York Department of Financial Services issued guidance to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.
Continue Reading NY Department of Financial Services Issues Guidance to Regulated Entities Regarding Cybersecurity During the COVID-19 Pandemic

On April 16, 2020, the European eHealth Network published a common EU Toolbox for the use of contact tracing and warning apps in response to the coronavirus pandemic. The Toolbox is part of the common EU coordinated approach to using COVID-19 mobile apps. The Toolbox was accompanied by guidance from the European Commission on data protection and privacy aspects of the use of such apps.
Continue Reading EU Publishes Common Toolbox and Data Protection Guidance on Tracing Apps to Fight COVID-19

The UK Information Commissioner has released an opinion in response to the joint effort announced by Apple and Google to enable the use of Bluetooth technology to help governments and health agencies reduce the spread of COVID-19.
Continue Reading UK ICO Releases Its Opinion on Apple and Google Partnership to Build COVID-19 Contact Tracing Technology

On April 3, 2020, the Brazilian Senate approved Bill of Law, which includes a number of emergency measures intended to address the COVID-19 pandemic. Importantly, one provision delays the effective date of the Brazilian Data Protection Law until January 2021.
Continue Reading House to Vote on Senate’s Proposed Delay of Brazil’s Data Protection Law

On March 21, 2020, the data security provisions of New York’s Stop Hacks and Improve Electronic Data Security Act went into effect. The SHIELD Act requires any person or business owning or licensing computerized data that includes the private information of a resident of New York to implement and maintain reasonable safeguards to protect the security, confidentiality and integrity of the private information.
Continue Reading New York SHIELD Act Requires Safeguards to Protect Private Information