• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Kate Hanniford

NYDFS Releases Significant Enhancements to its Cybersecurity Regulation in the Proposed Second Amendment

November 18, 2022 By Kim Peretti, Kate Hanniford, Ashley Miller and Lance Taubin

The New York Department of Financial Services (“DFS”) released their proposed second amendment to the Cybersecurity Regulation, 23 NYCRR Part 500 (“Proposed Second Amendment”) on October 9, 2022. DFS issued a minor amendment on April 2, 2020, revising the certification of compliance date (from February to April). The Proposed Second Amendment follows DFS’s “pre-proposed” draft […]

Filed Under: Cybersecurity, Data Protection, NYDFS

FTC Takes Action Against Ed Tech Provider for Failure to Secure Student’s Personal Information

November 3, 2022 By Kim Peretti, Kate Hanniford, Alysa Austin and Lance Taubin

On October 31, 2022, the Federal Trade Commission (FTC) announced it has taken action against education technology provider Chegg Inc. (“Chegg”) for its “careless” cybersecurity practices that exposed sensitive personal information of millions of its customers and employees.  This action highlights the FTC’s continued efforts to aggressively protect consumer personal data. The FTC’s complaint alleges […]

Filed Under: Data Breach, FTC

SEC Sends a Message to Investment Advisers: Take Secure Data Disposal Seriously

September 26, 2022 By Kate Hanniford

  On September 20, 2022, the Securities and Exchange Commission (SEC) settled an enforcement action with a large, registered investment adviser (the Firm) for alleged violations of the Safeguards Rule and the Disposal Rule of Regulation S-P that arose in the context of a data disposal process, imposing a $35 million penalty. Specifically, the SEC […]

Filed Under: Cybersecurity, Data Protection, Data Security, Financial Privacy, Privacy, SEC Tagged With: Cybersecurity, Data Protection, Regulatory Enforcement, Securities and Exchange Commission

SEC Settles Enforcement Actions with Broker-Dealers and Investment Advisors for Identity Protection Deficiencies

August 1, 2022 By Alysa Austin and Kate Hanniford

On July 27, 2022, the Securities and Exchange Commission (SEC) separately settled three enforcement actions with broker-dealers and investment advisers for alleged deficiencies relating to the prevention of customer identity theft, in violation of the SEC’s Identity Theft Red Flags Rule, or Regulation S-ID. Regulation S-ID requires registered financial institutions, broker dealers, and investment advisers […]

Filed Under: Cybersecurity, Data Protection, Financial Privacy Tagged With: Cybersecurity, Data Protection, Identity Theft, Regulatory Enforcement, Securities and Exchange Commission

Maryland Amends Data Breach and Reasonable Security Requirements

July 5, 2022 By Kim Peretti, Kate Hanniford and Lance Taubin

Maryland recently passed House Bill 962, amending Maryland’s Personal Information Protection Act (PIPA) (Md. Code Ann. Comm. Law 14-3504). As summarized below, House Bill 962 amends certain aspects of PIPA relating to breach notification and maintaining reasonable security measures to protect personal information. The bill becomes effective October 1, 2022. Reasonable Security: Beginning October 1, […]

Filed Under: Data Breach, Data Protection, Data Security, Security Breach

  • « Go to Previous Page
  • Page 1
  • Page 2
  • Page 3
  • Page 4
  • Page 5
  • Page 6
  • Interim pages omitted …
  • Page 10
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • New York Department of Health Issues Urgent Cybersecurity Warning Following U.S. Strikes on Iranian Nuclear Facilities
  • Texas Enacts Responsible AI Governance Act
  • Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases
  • UK Data Protection Regulator Fines 23andMe ~$3.1 Million Following Credential Stuffing Attack
  • NYDFS Issues Guidance on Heightened Cybersecurity and Sanctions Risk from Global Conflict
Copyright © 2025 · Alston & Bird · All Rights Reserved. Privacy.