• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to secondary sidebar

Alston & Bird Privacy, Cyber & Data Strategy Blog

  • Home
  • Services
  • Events
  • Contacts

Data Breach

CISA Posts Notice of Proposed Rulemaking Under CIRCIA

April 7, 2024 By Kim Peretti and Kristen Bartolotta

On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM) implementing the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA). For additional background on CIRCIA, see our prior advisory. CISA is required to issue a final rule by October 4, 2025. Who is required to report covered […]

Filed Under: Cyber Risk, Cybercrime, Cybersecurity, Data Breach, Data Protection, Data Security, Regulation, Security Breach Tagged With: Cybersecurity

More Guidance from HHS on Online Tracking Technologies but Questions Remain

March 20, 2024 By Daniel Felz, David Keating and Sara Pullen Guercio

Health and Human Services (“HHS”) released updated guidance yesterday on the use of online tracking technologies (like cookies, pixels, software development kits (SDKs), etc.) by HIPAA Covered Entities (the “Updated Guidance”). The Updated Guidance amends and supersedes HHS’s original guidance on the use of digital tracking technologies published on December 1, 2022 (the “Prior Guidance”).  […]

Filed Under: Data Breach, Data Breach Litigation, Data Security, Enforcement, ePrivacy, Health Privacy, HHS, Mobile Privacy, Online Privacy, Privacy, Privacy Litigation, Regulation

Are You Using EU Standard Contractual Clauses for Data Transfers? Be Aware of these Breach Notification Requirements

January 8, 2024 By Wim Nauwelaerts

It has become common knowledge that the General Data Protection Regulation (2016/679) (GDPR) heavily restricts transfers of personal data outside of the European Union (EU). In the absence of an adequacy decision by the European Commission, the GDPR allows controllers and processors to transfer personal data to a third country outside of the EU only […]

Filed Under: Data Breach, GDPR, International, Standard Contractual Clauses Tagged With: Data Breach Notification, European Union (EU), International Data Transfers

NYDFS Releases Consent Order in First Enforcement Action Brought Under the Cybersecurity Regulations

December 18, 2023 By Kate Hanniford, Lance Taubin, Ashley Miller and Kristen Bartolotta

After a three-year investigation/enforcement action by the New York Department of Financial Services (“NYDFS”), NYDFS entered into a Consent Order with a large title insurer (the “Company”) for its violation of NYDFS’s Cybersecurity Regulation (23 NYCRR Part 500) (the “Regulation”), specifically, its failure to protect non-public information (“NPI”). NYDFS originally brought the enforcement action in […]

Filed Under: Cybersecurity, Data Breach, Data Security, NYDFS Tagged With: Cybersecurity, Regulatory Enforcement, US State Law

FCC Plans to Update Data Breach Notification Rules

December 12, 2023 By Kim Peretti and Lance Taubin

After a decade and a half under the current data breach notification rules for telecommunications carriers and telecommunications relay services (TRS) providers, the FCC recently unveiled plans to update and expand them. On November 22, 2023, the FCC issued a Report and Order that it intends to consider at its December 13th meeting that would […]

Filed Under: Data Breach, Regulation, Security Breach Tagged With: Data Breach Notification, Federal Communications Commission (FCC), Regulations

  • « Go to Previous Page
  • Page 1
  • Page 2
  • Page 3
  • Page 4
  • Page 5
  • Interim pages omitted …
  • Page 35
  • Go to Next Page »

Primary Sidebar

This blog is a service of Alston & Bird’s Privacy, Cyber & Data Strategy team and focuses on key data privacy and data security issues.


Receive email notifications when new posts are added.

Receive email notifications when new posts are added.


RANSOMWARE FUSION CENTER
Click here to request access

THE DIGITAL DOWNLOAD
Click here to see the editions

PRIVACY & CYBER EVENTS
Click here to see upcoming and past events

PRIVACY & CYBER MAILINGS
Click here to sign up

@ALSTONPRIVACY
Click here to follow us on Twitter

Secondary Sidebar

Categories

Recent Posts

  • New York Department of Health Issues Urgent Cybersecurity Warning Following U.S. Strikes on Iranian Nuclear Facilities
  • Texas Enacts Responsible AI Governance Act
  • Back from the Brink: District Court Clears Air Regarding Individualized Damages Assessment in Data Breach Cases
  • UK Data Protection Regulator Fines 23andMe ~$3.1 Million Following Credential Stuffing Attack
  • NYDFS Issues Guidance on Heightened Cybersecurity and Sanctions Risk from Global Conflict
Copyright © 2025 · Alston & Bird · All Rights Reserved. Privacy.