Matt Fisher of Carium writes: Data breaches grab headlines on a daily basis and arise from a number of different scenarios. However, one question that is not necessarily examined closely (at least in news articles), is whether encryption was in place and why the encryption did not prevent the breach. That rhetorical question does not…
Category: Legislation
Brazilian Data Protection Authority Publishes Regulatory Strategy for 2021 – 2023
Hunton Andrews Kurth writes: On January 28, 2021, international Data Privacy Day, the newly formed Brazilian data protection authority (Agência Nacional de Proteção de Dados, the “ANPD”) published its regulatory strategy for 2021-2023 and work plan for 2021-2022 (in Portuguese). The ANPD’s regulatory strategy for 2021-2023 sets forth the agency’s vision for becoming a reference, nationally and internationally, with respect to…
Democrats propose bill to protect privacy, data security amid growing use of pandemic-related tech
Anuja Vaidya reports: Technology is the linchpin of the United States’ response to the Covid-19 pandemic. But the growing use of digital solutions raises the complicated issue of ensuring individuals’ right to privacy. Now, a group of Congressional Democrats have introduced a bill to address this concern. The Public Health Emergency Privacy Act would set enforceable privacy…
HITECH Amendment Provides Some Protection For Covered Entities and Business Associates that Adopt Recognized Security Standards
Anna D. Kraus, Libbie Canter, Tara Carrier, and Olivia Vega of Covington & Burling write: On January 5, 2021, an amendment to the Health Information Technology for Economic and Clinical Health (“HITECH”) Act was signed into law. The amendment requires the U.S. Department of Health and Human Services (“HHS”) to “consider certain recognized security practices of covered…
CT AG Tong Seeks Update To Data Breach Notifications
Attorney General William Tong testified last week before the General Law Committee in support of two pieces of legislation sought by the Office of the Attorney General to strengthen the state’s price gouging and data breach notification statutes. Data Breaches An Act Concerning Data Privacy Breaches, House Bill 5310, was sought by the Office of…
In: Telcos want govt to clarify onus of security breach post NSD rollout
PTI reports: Telcos have asked the government to clarify about the entity that will be held liable if there is a security breach in the network post the implementation of National Security Directive (NSD) on the telecom sector, according to industry sources aware of the development. The telecom operators have given their input to the…