Gramm Leach Bliley Act

2022 Retail Industry Year in Review

Posted on January 27, 2023

On January 25, 2023, Hunton Andrews Kurth’s retail industry team released its annual Retail Industry in Review publication, which provides an overview of key issues and trends that impacted the retail sector in the past year, as well as a preview of relevant legal issues retailers can expect to arise in 2023.
Continue Reading 2022 Retail Industry Year in Review

FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule

Posted on November 18, 2022

Posted in Financial Privacy, Information Security, U.S. Federal Law

On November 15, 2022, the Federal Trade Commission announced a six-month extension for companies to comply with certain updated requirements of the Gramm-Leach-Bliley Act’s Safeguards Rule, a set of data security provisions covered financial institutions must implement to protect their customers’ personal information.
Continue Reading FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule

Vermont Enacts Insurance Data Security Law

Posted on June 9, 2022

Posted in Cybersecurity, Information Security, U.S. State Law

On May 27, 2022, Vermont Governor Phil Scott signed H.515, making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law. This blog entry provides a summary of the legislation.
Continue Reading Vermont Enacts Insurance Data Security Law

Connecticut Enacts Consumer Privacy Law

Posted on May 10, 2022

Posted in Children’s Privacy, Online Privacy, U.S. State Law

On May 10, 2022, Connecticut Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring, after the law was previously passed by the Connecticut General Assembly in April. Connecticut is now the fifth state to enact a consumer privacy law.
Continue Reading Connecticut Enacts Consumer Privacy Law

Utah Becomes Fourth U.S. State to Enact Consumer Privacy Law

Posted on March 24, 2022

Posted in U.S. State Law

On March 24, 2022, Utah became the fourth state in the U.S., following California, Virginia and Colorado, to enact a consumer data privacy law, the Utah Consumer Privacy Act. The law will take effect on December 31, 2023.
Continue Reading Utah Becomes Fourth U.S. State to Enact Consumer Privacy Law

FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act

Posted on February 22, 2022

Posted in Cybersecurity, Financial Privacy, Online Privacy, Security Breach, U.S. Federal Law

On January 4, 2022, the Federal Trade Commission published a blog post reminding companies that “the duty to take reasonable steps to mitigate known software vulnerabilities implicates laws including, among others, the Federal Trade Commission Act and the Gramm Leach Bliley Act,” in response to Log4Shell’s public disclosure of the Log4j vulnerability.
Continue Reading FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act

FTC Announces Significant Updates to GLB Safeguards Rule

Posted on November 2, 2021

Posted in Financial Privacy, U.S. Federal Law

On October 27, 2021, the Federal Trade Commission announced significant amendments to the agency’s Safeguards Rule, which requires covered financial institutions to develop, implement and maintain a comprehensive information security program that complies with the Safeguards Rule’s requirements.
Continue Reading FTC Announces Significant Updates to GLB Safeguards Rule

UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect

Posted on October 1, 2021

Posted in Cybersecurity, Information Security, Security Breach, U.S. State Law

On October 1, 2021, Connecticut’s two new data security laws went into effect. The new laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program.
Continue Reading UPDATE: New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Are Now in Effect

New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Posted on August 2, 2021

Posted in Cybersecurity, Information Security, Security Breach, U.S. State Law

Connecticut recently passed two cybersecurity laws that will become effective on October 1, 2021. The newly passed laws modify Connecticut’s existing breach notification requirements and establish a safe harbor for businesses that create and maintain a written cybersecurity program that complies with applicable state or federal law or industry-recognized security frameworks.
Continue Reading New Connecticut Breach Notification Requirements and Cybersecurity Safe Harbor Effective October 2021

Nevada’s Governor Expands State’s Internet Privacy Law That Previously Limited Right to Opt Out of Sales

Posted on June 4, 2021

Posted in FCRA, Information Security, U.S. State Law

On June 2, 2021, Nevada’s governor approved SB 260 (the “Amendment Bill”), which expands on the previously amended Nevada Privacy of Information Collected on the Internet from Consumers Act (the “Act”). Specifically, the Amendment Bill broadens the definition of key terms along with providing several new exemptions.
…
Continue Reading Nevada’s Governor Expands State’s Internet Privacy Law That Previously Limited Right to Opt Out of Sales

Menu

Privacy & Information Security Law Blog