Latest Articles
The Small Business Administration (SBA) Economic Injury Disaster Loan (EIDL) program suffered a data breach of nearly 8,000 small-business owners, disclosing many owner’s social security numbers. The federal government acted to provide relief to small businesses under the CARES Act…
The Consumer Rights Under the CCPA The CCPA guarantees a number of consumer rights, and businesses need to take steps to ensure compliance. Most of the rights are explicitly enumerated within the text of the CCPA. However, some are implicitly…
Tennessee’s data breach notification law requires “information holders” to notify residents of Tennessee within 45 days when their personal information was acquired, or reasonably believed acquired, by an unauthorized person following a “breach of system security”. As of 2020, every…
UPDATE: On November 18, 2021, the FDIC issued a new final rule (“The Computer-Security Incident Notification Final Rule”) altering the obligations discussed below. Notably, all financial institutions subject to OCC, FDIC or Federal Reserve jurisdiction must now notify their primary…
The California Consumer Privacy Act (CCPA) is the most expansive state privacy law in the United States. The law went into effect on January 1, 2020, after months of negotiations and drafting. Although it is a California state law, the…