Data Security

India’s Draft Data Protection Bill: Another GDPR Around The Corner?

September 19, 2018 By Privacy, Cyber & Data Strategy Team

India recently introduced the Personal Data Protection Bill 2018 (“Bill”). The transfer of personal data in India is currently governed by the SPD Rules (Sensitive Personal Data and Information, 2011), which is however considered outdated and not fully protective of personal data. The Bill comes as a result of the country’s Supreme Court recent judgment […]

California Legislature Amends CCPA

September 4, 2018 By Privacy, Cyber & Data Strategy Team

Last Friday, the California Senate and Assembly passed SB-1121, amending the California Consumer Privacy Act (“CCPA”) as enacted in June. We previously issued an advisory following the June enactment, and will host a webinar discussing the law (as now amended) on September 12. This blog post highlights some of the key amendments to the CCPA. […]

South Carolina Enacts Insurance Data Security Act

August 20, 2018 By Privacy, Cyber & Data Strategy Team

South Carolina recently enacted a prescriptive data security law for insurers. The law bears resemblance to the New York Department of Financial Services (NYDFS) cybersecurity rules that entered into force last year. In short, the South Carolina law requires licensees (defined below) to develop and implement a comprehensive written information security program (a “WISP”) and […]

NYDFS Cybersecurity Requirements Compliance Deadline Nears for Key Provisions

August 16, 2018 By Kate Hanniford

September 4, 2018 marks the end of the transitional period for covered entities to comply with several key provisions of the NYDFS Cybersecurity Requirements that require certain systemic and sustained measures. These provisions include the encryption and audit trail requirements as well as ones relating to the implementation of monitoring policies, procedures, and controls, application […]