On April 13, 2023, the Indiana Senate concurred to the Indiana House’s amendments of Senate Bill 5 a day after the House returned the bill to the Senate with amendments, and a couple days after the Indiana House unanimously voted to approve SB 5.
Continue Reading Indiana Likely to Become Seventh State to Enact a Comprehensive State Privacy Law
Gramm Leach Bliley Act
SEC Advances Three New Cybersecurity Rule Proposals
Posted on
On March 15, 2023, the Securities and Exchange Commission proposed three rules related to cybersecurity and the protection of consumers’ information.
Continue Reading SEC Advances Three New Cybersecurity Rule Proposals
Iowa House and Senate Unanimously Vote to Approve Comprehensive Privacy Legislation
Posted on
On March 6 and 15, 2023, both chambers of the Iowa Legislature unanimously voted to approve Senate File 262, which could make Iowa the sixth U.S. state to enact comprehensive privacy legislation.
Continue Reading Iowa House and Senate Unanimously Vote to Approve Comprehensive Privacy Legislation
Bill to Amend the Gramm-Leach-Bliley Act Introduced to Congress
Posted on
Posted in Financial Privacy, Information Security
On February 24, 2023, Representative Patrick T. McHenry of North Carolina introduced a bill proposing the creation of the Data Privacy Act of 2023. …
Continue Reading Bill to Amend the Gramm-Leach-Bliley Act Introduced to Congress
2022 Retail Industry Year in Review
Posted on
Posted in Cybersecurity
On January 25, 2023, Hunton Andrews Kurth’s retail industry team released its annual Retail Industry in Review publication, which provides an overview of key issues and trends that impacted the retail sector in the past year, as well as a preview of relevant legal issues retailers can expect to arise in 2023.
Continue Reading 2022 Retail Industry Year in Review
FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule
Posted on
On November 15, 2022, the Federal Trade Commission announced a six-month extension for companies to comply with certain updated requirements of the Gramm-Leach-Bliley Act’s Safeguards Rule, a set of data security provisions covered financial institutions must implement to protect their customers’ personal information.
Continue Reading FTC Announces Six-Month Extension for Compliance with Some Changes to Gramm-Leach-Bliley Safeguards Rule
Vermont Enacts Insurance Data Security Law
Posted on
On May 27, 2022, Vermont Governor Phil Scott signed H.515, making Vermont the twenty-first state to enact legislation based on the National Association of Insurance Commissioners Insurance Data Security Model Law. This blog entry provides a summary of the legislation.
Continue Reading Vermont Enacts Insurance Data Security Law
Connecticut Enacts Consumer Privacy Law
Posted on
On May 10, 2022, Connecticut Governor Ned Lamont signed An Act Concerning Personal Data Privacy and Online Monitoring, after the law was previously passed by the Connecticut General Assembly in April. Connecticut is now the fifth state to enact a consumer privacy law.
Continue Reading Connecticut Enacts Consumer Privacy Law
Utah Becomes Fourth U.S. State to Enact Consumer Privacy Law
Posted on
Posted in U.S. State Law
On March 24, 2022, Utah became the fourth state in the U.S., following California, Virginia and Colorado, to enact a consumer data privacy law, the Utah Consumer Privacy Act. The law will take effect on December 31, 2023.
Continue Reading Utah Becomes Fourth U.S. State to Enact Consumer Privacy Law
FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act
Posted on
On January 4, 2022, the Federal Trade Commission published a blog post reminding companies that “the duty to take reasonable steps to mitigate known software vulnerabilities implicates laws including, among others, the Federal Trade Commission Act and the Gramm Leach Bliley Act,” in response to Log4Shell’s public disclosure of the Log4j vulnerability.
Continue Reading FTC Puts Companies on Notice that Failure to Identify and Patch Instances of Log4j May Violate FTC Act