On January 12, 2024, the New York State Department of Financial Services (“NYDFS”) released a new Industry Letter on the use of self-service password reset (“SSPR”) services, which enable users to reset their own password without the assistance of … [Read more] about NYDFS Releases Industry Letter on the Use of Self-Service Password Reset Feature
Neurotechnology, like wearable EEG headbands and invasive brain implants, collects information from electrical nerve impulses and brain waves derived from your brain, spinal cord, or nervous system. This information, or neurodata, is valuable, … [Read more] about Making (Brain) Waves: New Colorado Legislation Poised to Protect Privacy of Neural Data
On January 5, 2024, the New York Attorney General’s Office (“NY AG”) announced a settlement with Refuah Health Center, Inc. (“Refuah”) based on the company’s alleged failures to appropriately safeguard its patients’ information, including failing to … [Read more] about NY AG’s Office Announces Significant Cybersecurity Settlement with Healthcare Company
It has become common knowledge that the General Data Protection Regulation (2016/679) (GDPR) heavily restricts transfers of personal data outside of the European Union (EU). In the absence of an adequacy decision by the European Commission, the GDPR … [Read more] about Are You Using EU Standard Contractual Clauses for Data Transfers? Be Aware of these Breach Notification Requirements
On December 29, 2023, the Colorado Attorney General (the “AG”) announced that the Global Privacy Control (“GPC”) will become the first universal opt-out mechanism (“UOOM”) the AG considers valid under the Colorado Privacy Act (the “CPA”). Effective … [Read more] about Colorado AG Recognizes Global Privacy Control as the First Valid Universal Opt-Out Mechanism