In the absence of a federal comprehensive privacy law, states have been enacting their own in a sort of domino effect, creating a patchwork of compliance laws with their own nuances. The Texas Data Privacy and Security Act (TDPSA) is one of those new laws and goes into effect July 1, 2024, bringing Texas into the fold of U.S. states with a comprehensive data privacy law. While the TDPSA is similar to existing state data privacy laws, it has a unique threshold requirement that may broaden its reach compared to other states. Below are some key considerations that covered businesses should take into account to get ready for compliance with this upcoming new law. Read the full Alert on the Duane Morris website.
Webinar Replay: Data Privacy and Security Landscape – Wearable Fitness and Health Tech
A replay of the Duane Morris webinar The Data Privacy and Security Landscape: Let’s Talk About Tech ‒ Wearable Fitness and Health Tech is now available.
FTC Amends Safeguards Rule to Add a Breach Notification Requirement
The Federal Trade Commission (FTC) has approved an amendment to the Safeguards Rule that would require nonbanking financial institutions to report a breach of unencrypted customer information involving at least 500 customers. The notice must be provided as soon as possible, and no later than 30 days after discovery. The new requirement becomes effective 180 days after publication of the rule in the Federal Register.
Read the full Alert on the Duane Morris LLP website.
Webinar Replay: Legal Developments in U.S. Consumer Data Protection Regulations
A video replay of the webinar “The Data Privacy and Security Landscape: Legal Developments in U.S. Consumer Data Protection Regulations” is available to view.
Top Tips: Keeping Data Safe When Working Remotely
By John M. Benjamin and Edward Pickard
The coronavirus pandemic has had a severe impact on businesses right across the globe and with a third of the world now in lockdown, thousands of businesses have moved most of their workforce to remote working. Although working from home allows a business to continue operating, it brings significant security risks, placing a greater need to maintain compliance with relevant data security requirements.
Maintaining the security of company data is the responsibility of both the employer and employee and continuing to maintain appropriate security measures is critical at this time. Below are some key points for employees and businesses to keep data secure when working remotely. Continue reading “Top Tips: Keeping Data Safe When Working Remotely”
Best Practices for Consumer Wearables & Wellness Apps
Last week the Future of Privacy Forum (FRF) issued “Best Practices for Consumer Wearables & Wellness Apps & Devices. The Best Practices are built on the five core principles of privacy protection, which form the foundation for privacy laws in the U.S.: (1) Notice/Awareness; (2) Choice/Consent; (3) Access/Participation; (4) Integrity/Security; and (5) Enforcement/Redress. They also seek to add protections for data that may not be covered by specific sector legislation and to add guidance in areas where general privacy statues are applicable.
While the Best Practices may appear easy to apply, in practice, they require businesses to develop a comprehensive approach to privacy and data security practices with the guidance of experienced counsel to avoid significant risks in this emerging area.
The Best Practices can be viewed at https://fpf.org/wp-content/uploads/2016/08/FPF-Best-Practices-for-Wearables-and-Wellness-Apps-and-Devices-Final.pdf