Time 1 Minute Read

On March 22, 2023, Capita PLC (“Capita”) experienced a cyber incident which it announced in a press release on April 3, 2023 and an update on April 20, 2023. Capita identified the incident on March 31, 2023, and confirmed the incident caused disruption to some services provided to individual clients, which has now been resolved. On April 21, 2023, the UK Information Commissioner’s Office (“ICO”) issued a statement confirming that Capita reported the incident and the ICO is investigating. The ICO also noted that other organizations affected by the incident should “consider their position[s]” and, if necessary, submit a breach notification.

Time 5 Minute Read

On April 21, 2023, the Montana and Tennessee legislatures voted to enact comprehensive consumer privacy bills in their respective states. If signed by their governors, Montana’s Consumer Data Privacy Act (S.B. 384) (“MCDPA”) and Tennessee’s Information Protection Act (H.B. 1181) (“TIPA”) could make these states the eighth and ninth U.S. states to enact comprehensive privacy legislation.

Time 1 Minute Read

On April 26, 2023, the European Data Protection Board (“EDPB”) initiated the procedure for electing a new Chair and Deputy Chair to replace Andrea Jelinek and Ventsislav Karadjov, whose mandates will end on May 25, 2023.

Time 3 Minute Read

On April 27, 2023, Washington State Governor Jay Inslee signed the My Health My Data Act into law, making Washington the first state to establish a comprehensive health data privacy law in the United States.

Time 2 Minute Read

On April 6, 2023, the New York City Department of Consumer and Worker Protection ("DCWP") announced it adopted final rules to implement NYC’s Local Law 144 (“LL 144”) regarding automated employment decision tools (“AEDTs”). Enforcement of the law and the rules will begin on July 5, 2023.

Time 2 Minute Read

On April 12, 2023, the U.S. Department of Health and Human Services (“HHS”) issued a Notice of Proposed Rulemaking (“NPRM”) to modify protections under the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) to strengthen reproductive health care privacy.

Time 5 Minute Read

On April 13, 2023, the Indiana Senate concurred to the Indiana House’s amendments of Senate Bill 5 (“SB 5”) a day after the House returned the bill to the Senate with amendments, and a couple days after the Indiana House unanimously voted to approve SB 5. SB 5 now will head to Governor Eric Holcomb for a final signature, where he will have seven days upon transmission to sign SB 5 into law or veto it. This could make Indiana the seventh U.S. state to enact comprehensive privacy legislation.

Time 2 Minute Read

On April 12, 2023, Arkansas Governor Sarah Huckabee Sanders signed into law S.B. 396 creating the state’s Social Media Safety Act (the “Act”). The Act comes after Utah’s similar social media laws enacted in March.

Time 1 Minute Read

On March 30, 2023, the California Privacy Protection Agency (“CPPA”) announced that California’s Office of Administrative Law (“OAL”) approved the CPPA’s substantive rulemaking package to implement the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CPRA”).

Time 2 Minute Read

On April 4, 2023, the data protection regulator of the UK, the Information Commissioner’s Office (ICO), issued a fine of a £12.7 million to TikTok Information Technologies UK Limited and TikTok Inc (together, “TikTok”) for a number of breaches of UK data protection law, including failing to use children’s personal data lawfully. 

Search

Subscribe Arrow

Recent Posts

Categories

Tags

Archives

Jump to Page