Alston & Bird Privacy, Cyber & Data Strategy Blog

SEC Dismisses Remaining Claims Against SolarWinds

November 24, 2025 By Cara Peterman, Sierra Shear and Madeleine Juszynski Davidson

On November 20, 2025, the Securities and Exchange Commission (SEC) dismissed its landmark enforcement action against SolarWinds Corp. and the company’s Chief Information Security Officer, Tim Brown. In 2023, the SEC’s enforcement action broke new ground as the first formal action by the Commission against a CISO and the first civil fraud action litigated by the SEC related to a public company’s cybersecurity disclosures. Dismissing the action comes as somewhat of a surprise after the parties … [Read more] about SEC Dismisses Remaining Claims Against SolarWinds

The EU Digital Omnibus: A European Data Law Shake-Up May Be Coming

November 21, 2025 By Alice Portnoy, Wim Nauwelaerts and Paul Greaves

On November 19, the European Commission (EC) released its EU Digital Omnibus proposal - a 153-page document accompanied by an explanatory memorandum and a Staff Working Document. This proposal introduces amendments, deletions, and replacements to … [Read more] about The EU Digital Omnibus: A European Data Law Shake-Up May Be Coming

UK Cybersecurity Legislation Soon to be Introduced

November 21, 2025 By Hanna Hewitt

The UK Government has introduced the Cyber Security and Resilience (Network and Information Systems) Bill (the “Bill”) to Parliament, marking the most significant update to the UK’s cyber legislation since 2018. You can access a copy of the Bill … [Read more] about UK Cybersecurity Legislation Soon to be Introduced

Closing the Privacy Gap: HIPRA Targets Health Apps and Wearables

November 19, 2025 By Sara Pullen, Angela Burnette and Jennifer Pike

Move over HIPAA…the health privacy landscape may be in for a shakeup. On November 4, 2025, Senator Bill Cassidy, M.D. (R-LA) introduced the Health Information Privacy Reform Act (HIPRA), a bill aimed at closing a gap in health data protections. HIPAA … [Read more] about Closing the Privacy Gap: HIPRA Targets Health Apps and Wearables

HIPAA Security Rule: Still on Track for Finalization

November 3, 2025 By Jennifer Everett, Kate Hanniford, Angela Burnette and Jennifer Pike

Since the HHS Office for Civil Rights’ (OCR) publication of a proposed rule to overhaul the HIPAA Security Rule in January 2025, many in the health care and privacy community have wondered whether the rule would quietly fade away. Some even hoped it … [Read more] about HIPAA Security Rule: Still on Track for Finalization