- Posts by Lauren GodfreyPartner
Lauren advises clients across a variety of business sectors on best practices in data privacy and information security. She guides clients in responding to data security incidents, conducting initial assessments of data security ...
The Commonwealth of Pennsylvania has amended its Breach of Personal Information Notification Act. The amendments, available here 2024 Act 33 - PA General Assembly (state.pa.us), took effect last week, on September 26. The key provisions are as follows:
On April 24, the Federal Trade Commission announced that it had finalized changes to its Health Breach Notification Rule - to address emerging technologies.
Specifically, the Rule was broadened to (1) apply to entities not currently subject to the Health Insurance Portability and Accountability Act, (2) clarify what a breach of security is, (3) expand notification methods, (4) impose additional requirements for the content of notifications, and (5) amend the timeframe for issuing required notifications to the FTC.
Effective May 24, 2024, the Office of the Privacy Commissioner of Canada (OPC) has introduced a new online PIPEDA breach reporting form for federal institutions and businesses subject to the Personal Information Protection and Electronic Documents Act (PIPEDA).
On May 22, 2022, Minnesota Gov. Tim Walz (D) signed the Student Data Privacy Act (the “Act”), H.F. No. 2353, into law which amends Minnesota’s Government Data Practices Act. The Act went into effect beginning with the 2022-2023 school year.
On March 2, the Biden Administration released a “National Cybersecurity Strategy,” which it says takes a comprehensive approach to securing cyberspace for all and ensuring the United States is in the best position to take advantage of all the benefits that our digital future holds. The Strategy consists of five “pillars”: Infrastructure, threat actors, the market, plans ...
Recent amendments to Pennsylvania’s data breach law -- the Breach of Personal Information Notification Act – will take effect May 3. The amendments were enacted in November.
Originally enacted in 2006, the Act provides for the security of computerized data and requires notification to Pennsylvania residents whose personal information data was, or may have been, disclosed due to a breach of the security of an entity’s system.
The Constangy Cyber Advisor posts regular updates on legislative developments, data privacy, and information security trends. Our blog posts are informed through the Constangy Cyber Team's experience managing thousands of data breaches, providing robust compliance advisory services, and consultation on complex data privacy and security litigation.
Subscribe
Contributors
- Suzie Allen
- John Babione
- Jason Cherry
- Christopher R. Deubert
- Maria Efaplomatidis
- Sebastian Fischer
- Laura Funk
- Lauren Godfrey
- Amir Goodarzi
- Taren N. Greenidge
- Chasity Henry
- Julie Hess
- Sean Hoar
- Donna Maddux
- David McMillan
- Ashley L. Orler
- Todd Rowe
- Melissa J. Sachs
- Allen Sattler
- Alyssa Watzman
- Aubrey Weaver
- Xuan Zhou