To embed, copy and paste the code into your website or blog:
The SolarWinds hack highlights the critical need for organizations of all sizes to include cyber supply chain risk management as part of their information security program. It is also a reminder that privacy and security risks to an organization’s data can come from various vectors, including third party vendors and services providers. By way of example, the Pennsylvania Department of Health recently announced a data security incident involving a third-party vendor engaged to provide COVID-19 contact tracing. The personal information of Pennsylvania residents was potentially compromised when the vendor’s employees used an unauthorized collaboration channel.
To print this article, all you need is to be registered or login on Mondaq.com.
In a previous
update, we provided a comprehensive round-up of several notable
pending US state privacy laws. We are checking-in on the
progression of some of those laws in this further update. The next
installment will update the remaining state laws in progress.
Be sure to check back with the Mintz Privacy & Cybersecurity Blog for our
continued review and analyses of these proposed laws, or subscribe to
our newsletter.
New Laws
Virginia
The Virginia Consumer Data Protection Act
( CDPA ) was signed into law on March 2, 2021, making
To embed, copy and paste the code into your website or blog:
In a previous update, we provided a comprehensive round-up of several notable pending US state privacy laws. We are checking-in on the progression of some of those laws in this further update. The next installment will update the remaining state laws in progress.
New Laws
Virginia
The Virginia Consumer Data Protection Act (“CDPA”) was signed into law on March 2, 2021, making Virginia the second US state after California to pass a comprehensive data privacy law. Those familiar with the European Union General Data Protection Regulation (“GDPR”) will recognize terminology throughout the CDPA, mimicking many GDPR-defined terms, such as “controller”, “processor” and “personal data.” While not quite as expansive as the GDPR in every respect, the CDPA is a broad-based privacy law that is on par with the California Consumer Privacy Act (“CCPA”). For our summary of the CDPA, please see our
Kill bill volume 3? Florida joins Washington and Oklahoma in list of states that attempted and failed to pass data privacy laws
Fearing that it would lead to a flurry of lawsuits for local businesses, the Florida Senate killed a once-promising comprehensive data privacy bill. This comes after comparable bills from Washington state and Oklahoma met a similar fate. Here’s the scoop.
The Florida state House passed a comprehensive California Consumer Protection Act (CCPA)-like consumer data privacy bill with overwhelming support – a rare demonstration of bipartisanship coming out of a notorious swing state late last month. But, on April 30, the proposed law met its fatal blow in the state Senate.
To print this article, all you need is to be registered or login on Mondaq.com.
In a previous update, we provided a comprehensive round-up
of several notable pending US state privacy laws. We are
checking-in on the progression of some of those laws in this
further update. The next installment will update the remaining
state laws in progress.
Be sure to check back with the Mintz Privacy & Cybersecurity Blog for our
continued review and analyses of these proposed laws, or subscribe to our newsletter.
New Laws
Virginia
The Virginia Consumer Data Protection Act
( CDPA ) was signed into law on March 2, 2021, making