Every month, we see a new set of privacy best practices or a new set of regulations proposed or adopted by a state, Congress, the White House, or countries around the globe. The versions of best practices continue to multiply and the layers of regulation continue to expand. Every new group or political entity wants to out-perform the last – but has this one-upmanship gone too far?
KMK Law recently hosted its Third Annual Cybersecurity & Privacy Seminar. This seminar was developed for business owners of various sizes and for those in senior positions in Information Governance, Compliance/Risk Management, Human Resources, Legal and/or Information Technology.
On November 2, 2018 Ohio’s new Data Protection Act went into effect. The Ohio DPA creates a new statutory affirmative defense against data breach tort claims and identifies specific cybersecurity frameworks that are now presumptively reasonable. KMK Law and Gratia, Inc. partnered together to discuss the impact of Ohio DPA on businesses, the steps companies need to take as a result, and what this “safe harbor” really means.
September 2018 was a busy month for data privacy. We expect the next several months to be extremely active as well, especially with the number of new complaints and data breach notices filed in Europe since May. We will continue to monitor and update developments as the data privacy framework continues to evolve.
It has been a little more than 90 days since G-Day (May 25) and there has been a lot to talk about regarding the implementation of GDPR.
KMK Law Corporate Partner, Rob Lesan, presented at Interface Cincinnati 2018 on the topic of "GDPR: What We're Learned So Far and What to Expect."
KMK Law Partner, Joe Callow, presented at the Greater Cincinnati ISSA Chapter Meeting on Wednesday, February 21, 2018 on the topic, "GDPR and Your Business: What You Need to Know and What You Need To Do." This presentation provided an updated analysis of GDPR, discussed its potential application, and provided action steps to establish compliance.
Two decisions last week further widened the divide among the Courts of Appeals in applying Spokeo in cybersecurity litigation.
The U.S. Computer Emergency Readiness Team (US-CERT) is implementing new reporting requirements beginning April 1, 2017, and just released new guidelines to help federal departments and agencies; state, local, tribal, and territorial government entities; information sharing and analysis organizations; and foreign, commercial and private-sector organizations submit incident notifications to the federal government.
Two Courts of Appeals have issued decisions during the past week related to cybersecurity and data retention which anyone who maintains electronic data and personal information should read.
- Cybersecurity and Privacy Law
- Cybersecurity Regulation
- California Consumer Privacy Act
- Cyber Insurance
- Privacy Laws
- General Data Protection Regulation
- Data Breach
- Class Action Litigation
- Mergers & Acquisitions
- Incident Response Plan
- Information Governance
- Corporate Law
- Federal Trade Commission
- Seventh Circuit
- Department of Justice
- Revisions to Proposed CCPA Regulations Released
- Happy New Year from the CCPA
- Can’t We All Get Along in the Cyber Sandbox?
- California's New Privacy Law is Coming - Are You Ready?
- Gearing up for National Cybersecurity Awareness Month: KMK Hosts Third Annual Cybersecurity & Privacy Seminar
- Ohio Data Protection Act - Safe Harbor for Businesses in Ohio
- Ohio’s Data Protection Act: What You Need to Know
- September 2018 Was a Busy Month for Data Privacy
- GDPR - 90 Days Later
- GDPR: What We're Learned So Far and What to Expect