State data privacy laws Archive
Last month, the U.S. Congress passed the CIRCIA (Cyber Incident Reporting for Critical Infrastructure Act of 2022), which requires organizations involved in critical infrastructure to report cybersecurity incidents within 72 hours. Jen Easterly, the head of the CISA (Cybersecurity and …
The United States was once the leader in creating rules curtailing fraud on stock exchanges. One of its most famous rules, Rule 10-b5 codified at 17 CFR 240.10b-5, was created in the 1940s and prohibits acts or omissions resulting in …
The odds of an organization experiencing a cyber security breach are about 30% in any two-year period. A cybersecurity breach can have major, sometimes catastrophic, effects – on an organization’s reputation and even the cost of debt. This makes responding …
Data privacy laws in the United States are notoriously tricky. There are a patchwork of industry-specific federal laws and state legislations whose scope and jurisdiction vary. And to complicate matters further, each state has its own requirements for disclosing security …
Do you operate in Massachusetts? Do you regularly process the personal information of people in the state? If so, you may be aware of a law dating back to 2010 that requires that “every person that owns or licenses personal …
The U.S. Presidential election has left voters grasping for certainty when it comes to executive leadership. What is clear is that voters in California have overwhelmingly approved Proposition 24, also known as the CPRA (California Privacy Rights Act). The CPRA …
The Minnesota DHS (Department of Human Services) announced that an employee’s email account was accessed by criminal hackers last September.The phishing attack may have exposed the PII (personable identifiable information) of about 3,000 people within its Children and Family Services …
