On July 25, 2019, New York State Governor Andrew Cuomo signed the “Stop Hacks and Improve Electronic Data Security Act” (SHIELD Act). The SHIELD Act amends New York’s General Business Law and is an expansion of New York’s existing cyber security and
Twitter, Instagram and Facebook are now an everyday part of our lives, and that includes in the workplace. But while social media can be an excellent communication and marketing tool for businesses, personal use of social media at work can interfere
The Lei Geral de Proteção de Dados (LGPD) is Brazil’s General Data Protection law that creates a legal framework for the use of personal data that is processed or related to individuals in Brazil.
Using digital communications to reach customers has never been more popular, especially as the pandemic pushes more businesses to make consumer interactions contactless.
Yesterday, the Court of Justice of the European Union issued the long-awaited decision in Schrems II (Case C-311/18) in which it invalidated the EU-US Privacy Shield data transfer mechanism.
In any data incident the first question is – who do I call first? Well a recent court decision reminds companies that the first call should be legal counsel.Data breaches are a risk to any company collecting personally identifiable information.
With the sudden, drastic increase of distributed workforces came implementation of new practices and access solutions, which in turn created more surface area for bad actors to attack and more potential gaps for them to exploit.
Businesses should be aware and prepared to comply with the date breach compliance requirements of the CCPA in the event of a data breach incident, as discussed below, or risk facing litigation.
The impact of ongoing ransomware events in the healthcare and broader business communities compel us both professionally and personally to self-reflect and to ask tough questions like “how ready are we?” “can we really do anything to prevent it from
The same group behind the CCPA has proposed a new ballot initiative, the California Privacy Rights Act of 2020 (“CPRA”), dubbed “CCPA 2.0.”
The Final Rules implement interoperability and record access requirements intended to help patients obtain health records and payment data so they can make informed decisions about healthcare.
More and more companies with or without brick and mortar stores have some type of online presence. As such, the past few years there has been a tremendous amount of litigation surrounding how the ADA should be applied to websites.
This bulletin provides guidance to banks for the assessment of risks and more broadly, managing risks associated with third-party relationships.
Beckage PLLC has sought from New York’s Attorney General (AG) Letitia James a delay to the March 21 compliance milestone and general enforcement of the New York State Stop Hacks and Improve Electronic Data Security Act (SHIELD) Act by six months.
When it comes to cyber security threats, everyone is at risk - regardless of the size or industry of the business.
As many of us know, there has been a recent expanded awareness of the Coronavirus here in the United States since the virus first impacted China in late 2019.
After stalling last summer, the New York Privacy Act is back in play as legislators returned to Albany for the 2020 session. Featured in our roundup of top headlines from 2019, this bill has the potential to provide New York residents with more
Technology has transformed the way in which students are learning. Schools increasingly integrate IoT devices and third-party applications into the everyday delivery and management of education.
Last week the National Institute of Standards and Technology (NIST) released Version 1.0 of the NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management, a tool for managing privacy risk that’s been a year in the making
In the fast-paced, ever-evolving world of privacy and cybersecurity law, gathering the biggest news from 2019 was no small feat – from new laws and landmark cases, to major technological developments and international guidelines,
You’ve probably heard the buzz about the Internet of Things (IoT) - a suite of emerging technologies that promises great value to businesses, individuals and society. As broadband internet and wi-fi capable devices become more readily available
Hearings on two federal privacy law bills from opposite sides of the aisle were held late last week before the U.S. Senate Committee on Commerce, Science and Transportation.
While companies prepare for the California Consumer Privacy Act (CCPA) to come into effect on January 1, they may also need to catch up on a law that is already on the books – Nevada’s internet consumer privacy law.
On June 27, 2019 the Federal Trade Commission (FTC) hosted its fourth annual privacy conference PrivacyCon. Tasked with protecting consumers against privacy and security violations, at PrivacyCon
The SHIELD Act has been signed into law, and is effective in New York State on March 22, 2020. As always, Beckage lawyers are available to assist in addressing any questions you may have regarding data security developments. Find out more here.
An increasing number of companies are implementing biometric identifiers across a wide variety of industries. While biometrics streamline the identification process privacy concerns may arise and several states have passed or proposed biometric laws.
Let’s examine a few questions you should ask before signing up for a pen test or vulnerability assessment:
The CPPA aims to sets forth landmark privacy rights for Californians and becomes effective January 1, 2020. These bills are actions to advance proposed changes through the legislative process. Read the most notable clarifications from the bills here.
Once again, March 1st nears. And with it comes a cybersecurity compliance milestone for those entities operating under New York’s insurance, finance and banking laws. Let’s breakdown what this means...
Does the European Union’s General Data Protection Regulation apply to your non-EU company? State-side, this is the million-dollar question that many US based companies are still grappling with today – some 8 months after the GDPR’s enactment.
The New York State Department of Financial Services issued a Cybersecurity Regulation that carried with it several compliance milestones applicable to “Covered Entities” under the Regulation.
Headlines confirm data breaches continue to be a threat to companies regardless of size. From reputational harm, disruption to your daily business, to significant monetary penalties and litigation, potential effects of a data breach are important.
In the wake of the #MeToo movement and widespread attention on sexual harassment in the workplace, on April 12 Governor Cuomo passed into law the 2019 Budget, which included a package of laws aimed at combating sexual harassment.