The Federal Trade Commission’s (FTC) Standards for Safeguarding Customer Information (Safeguards Rule) was promulgated under the Gramm-Leach-Bliley Act (GLBA) with the intent to require financial institutions to develop, implement, and maintain reasonable administrative, technical, and physical safeguards to protect the security, confidentiality, and integrity of customer information.[1] Traditional financial institutions (such as banks and credit…
Privacy and Cybersecurity Solutions
Blog Authors
Latest from Privacy and Cybersecurity Solutions
Ransomware: Plan for Disaster
As you get to work in the morning, you find your keycard will not let you into the office. You try a different entrance. That door also does not open. You call the company’s IT department to see what is going on to find out that the company’s phones only ring to a dial tone….…
2023: The Year of Consumer Data Privacy
So far, 2023 has been a monumental year for new consumer data privacy laws. At the start of the year, we urged businesses to update their consumer privacy policies to comply with the new state laws in California, Colorado, Connecticut, Virginia, and Utah that have and will be implemented over the course of 2023 (see……
HHS Publishes New Cybersecurity Resources
The U.S. Department of Health and Human Services (HHS) recently published new cybersecurity resources with the goal of mitigating common cybersecurity threats in the healthcare sector. The resources include: Knowledge on Demand is a free resource, which provides quality cybersecurity education training. With increasing cybersecurity scrutiny by HHS, proof of workforce training remains a top……
Connecticut’s New Privacy Act: Another New Layer of Complexity for Privacy Compliance
On July 1, 2023, the Connecticut Privacy Act will take effect adding another legislative layer of complexity to running a business. Connecticut’s Act Applies to Almost Every Business The Act applies to both individuals or entities who conducts business in Connecticut or target products or services to Connecticut residents and either (1) controlled or processed……
Colorado’s Privacy Act: Do Not Be Caught Off-Guard
The Colorado Privacy Act (CPA) will change the landscape for a wide range of businesses doing business in Colorado or with Colorado residents on July 1, 2023. With only five months until this law takes effect, companies should move rapidly to ensure they are in full compliance with the new act. Failure to comply with……
FTC Provides a Wake-Up Call for Companies with Lax Privacy Policy Compliance
How confident are you that your website privacy policy accurately explains what you’re doing with your customer’s data? You now have another 1,500,000 reasons to potentially worry, because the FTC recently slapped GoodRx with a $1.5 million penalty for privacy violations. While this is the first time a regulatory penalty has been handed out under……
Landmark $1.2M Sephora Settlement Highlights the Importance of CCPA Compliance
The Attorney General (AG) for California just settled a California Consumer Privacy Act (CCPA) enforcement case against Sephora for $1.2 million. While Sephora denies liability in the settlement, the outcome of this settlement should send shivers down most companies’ spines who may engage in some of the same conduct that landed Sephora in trouble. Read……
What We Learned from the Hack of Disney’s Instagram (And, How You Can Avoid It)
The “Happiest Place on Earth” was hacked. Well, its Instagram and Facebook accounts, anyway. During the early morning hours of Thursday, July 7, Disneyland’s social media accounts published several posts containing both racist and explicit language. The posts were a far departure from the uplifting and whimsical content Disneyland typically shares with its more than……
Top Eight Things to Remember During a Cybersecurity Crisis
On Friday, June 17, 2022, the Center for American and International Law’s 57th Academy of American and International Law welcomed attorney Shawn Tuma; Mark Michels, Santa Clara University School of Law; and Micah Skidmore, Haynes and Boone; to lead a cyber breach crisis workshop. Jessica Lee and Haley Stevers, 2022 Summer Associates at Spencer Fane,……