Privacy

U.S. Privacy Law: Past, Present and Future

Privacy law is a hot topic for legislatures in the United States at both the state and federal levels. With the advent of influential laws from international governments, including the European Union, the lack of significant privacy regulation in the U.S. has become glaringly apparent. In this article, we discuss the history of privacy regulation…
Read More
NIST

Implementing the NIST Privacy Framework – Govern Function

The National Institute of Standards and Technology (NIST) Privacy Framework is a widely known control set used to assist organizations in identifying privacy risks within their business environment and allocating resources to mitigate these risks. Our team previously published an article outlining the best ways to leverage the NIST Privacy (NIST-P) Framework to assess data privacy posture,…
Read More
NIST

Implementing the NIST Privacy Framework – Identify Function

The National Institute of Standards and Technology (NIST) Privacy Framework, published in January 2020, is quickly becoming the mainstream control set for organizations to align with when assessing their data privacy posture, developing readiness roadmaps, and maturing their privacy program. We have previously written about how the controls in the NIST Privacy can be mapped to…
Read More
Data Security

The Impact of Data Security Incident Trends on Commercial Transactions

The 2021 edition of BakerHostetler’s annual Data Security Incident Response Report – a report based on the firm’s experience with data security incident response and litigation over the past year – features a number of important insights previously covered on this blog including trends in global breach notification, healthcare industry risks and ransomware. The Report is a helpful tool for companies…
Read More
Privacy Law

Colorado Privacy Act: Another Piece to the Data Privacy Puzzle

Introduction Privacy laws have entered the compliance world by storm and are quickly changing data privacy practices. The most recent state, Colorado, passed the Colorado Privacy Act (CPA) into law on July 7, 2021. This new act follows California’s Consumer Privacy Act (CCPA) but calls out several additional rights, actions, and policies. The CPA pulls…
Read More
Data Privacy

UAE Moves to Regulate Data Privacy 

The United Arab Emirates (UAE) this week announced plans to move forward with a federal data privacy protection law. Aptly titled the Data Protection Law, the proposed legislation is the first of its kind in the UAE, and comes out of a charter of ten strategic principles called the “Principles of 50,” which are designed…
Read More
Cybersecurity

How Cybersecurity Frameworks Can Protect Your Organization (Even in the Event of a Breach)

It’s certainly no secret how damaging data breaches can be for organizations today. And if lost revenue and a tarnished reputation aren’t enough to make you want to act, your organization could face punitive damages if you fail to protect your customers’ private information. Yes, that’s right—steep fines imposed by regulatory agencies can await those…
Read More
CCPA

CCPA Enforcement is Picking Up. Are you Ready?

Although the California Consumer Privacy Act (“CCPA”) has been in effect since January 1, 2020 and subject to enforcement since July 1, 2020, it seemed until recently that compliance had been somewhat spotty. Well, it’s time to wake from your compliance slumbers and start paying attention because California’s new Attorney General (“AG”) Rob Bonta has…
Read More
Pegasus

Pegasus and Privacy

Pegasus spyware, developed by the NSO Group, an Israeli company, has provoked the ire of journalists, privacy advocates, the EU, UN, and U.S. Congress following revelations that the software was used to monitor over 50,000 cell phone numbers from individuals across 50 countries. Export licenses for this military-grade software must be approved by the Israeli…
Read More
Third Party

How India’s DEPA Framework Uses Software to Empower Privacy Compliance

As detailed as laws like the General Data Protection Regulation (GDPR) and the California Privacy Rights Act (CPRA) are, there is no one-size-fits-all framework for data privacy. You may know the rules, but how do you make sure you and the rest of your organization are following them? More specifically, how do you implement privacy-focused…
Read More
Back To Top