Search

Search form

Virginia’s Consumer Data Protection Act is not the only Privacy and Data Protection Law in the Commonwealth

On January 1, 2023, Virginia’s Consumer Data Protection Act (CPDA) takes effect. Key features of the CPDA include expansive consumer privacy rights (right to access, right of rectification, right to delete, right to opt-out, right of portability, right against automatic decision making), a broad definition of “personal information”, the inclusion of a “sensitive data” category,...
November 10, 2022

CPPA Board Publishes Second Modification to CPRA Regulations

In June 2022, the California Privacy Protection Agency (CPPA) Board first started discussions about revising the regulations previously released by the California Attorney General. In October, the Board released proposed modifications to the regulations in advance of a planned Board meeting. Since then, the Board has rescheduled both Board and public meetings. The Board seems...
November 7, 2022

NLRB General Counsel Memo on Electronic Monitoring of Employees

Responding in part to the nature of the post-COVID-19 remote workplace, NLRB GC Jennifer Abruzzo has released a memo on employers’ use of electronic monitoring and automated management in the workplace. The memo also directs NLRB Regions to submit to the Division of Advice any cases involving intrusive or abusive electronic surveillance and algorithmic management that interferes...
November 2, 2022

OCR Reminds Healthcare Providers and Their Business Associates – You Need an Incident Response Plan!

We have been quite busy this October, which happens to be National Cybersecurity Awareness Month. But, we did not want to let the month go by without some recognition; and we are grateful to the HHS Office for Civil Rights (OCR) for this always timely reminder for HIPAA covered entities and business associates – have...
October 31, 2022

California Tightens Rules on Vehicle Tracking, Fleet Management

Over the past several years, there has been a significant increase in the use of dashcam technology. The technology available in the market is quite advanced. As we observed here, these devices can be equipped with geolocation, AI, facial recognition, and other technologies.  Designed primarily to enhance driver safety and fleet management, privacy concerns are...
October 28, 2022

CPPA Board Publishes Proposed Modifications to CPRA Regulations in Advance of October Meeting

On October 21 and 22, the California Privacy Protection Agency (CPPA) Board will meet to discuss possible action regarding the proposed regulations for the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA). Previously, in June 2022, the Board met to discuss revising the regulations previously released by the California Attorney General.  ...
October 18, 2022

Biden Executive Order Supports New EU-U.S. Data Privacy Framework for Trans-Atlantic Transfers of Data

In July 2020, the Court of Justice of the European Union (CJEU) declared the EU-U.S. Privacy Shield invalid. The EU-U.S. Privacy Shield program was designed to provide European Economic Area (EEA) data transferred to the U.S. with a level of protection comparable to EU law. The CJEU invalidated the program stating that U.S. companies could...
October 17, 2022

White House Weighs In On the Use of AI by Businesses

On October 3, 2022, the White House Office of Science and Technology Policy published its “Blueprint for an AI Bill of Rights.” This adds to prior federal guidance released by the EEOC and DOJ regarding the use of AI in employment decisions. The framework published by the White House is intended to apply to automated...
October 7, 2022

Amendment to CMIA Regarding Mental Health and Mental Health Apps

California passed Assembly Bill (AB) 2089, which amends the Confidentiality of Medical Information Act (CMIA) to include mental health application information under the definition of medical information. Under the revisions to CMIA, mental health application information is defined as information related to a consumer’s inferred or diagnosed mental health or substance use disorder, as defined...
September 29, 2022

California Consumer Privacy Act FAQs: Employment Information

1. What’s changing? Under the current version of the California Consumer Privacy Act (“CCPA”), an employer’s obligations related to the personal information it collects from employees, applicants, and contractors residing in California (collectively, “Employment Information”) are relatively limited.  Specifically, it needs to (1) provide those individuals a “notice at collection” that discloses the categories of...
September 27, 2022

Pages