Blog - data breach laws

Data Breaches 2023: Consequences of Non-Compliance with Privacy Laws

Beyond regulatory fines or even class action settlements, consequences of non-compliance with privacy laws often follow a brand for years in its wake. Continue reading for major data breaches to keep on your radar and steps you can take today to protect your customers and safeguard their trust.

Other States Take Note: California State Assembly Passes AB 2273

The California assembly recently passed a comprehensive age-appropriate privacy legislation– the California Age-Appropriate Design Code Act, also known as AB 2273. If approved by Governor Newsom, the Act would require businesses that “provide online services, products, or features that are likely to be accessed by children” to increase their level of privacy and safety protections.

Reduce Privacy Risk to Build Investor Confidence

Armed with tools and their in-depth understanding of the organization’s privacy risks and requirements, the privacy team can conduct tabletop exercises to assess the most likely worst-case scenarios, providing valuable insights to executive decision-makers.

Privacy Regulatory Trends: Personal Information and Biometric Data Privacy Laws

As more states seek to regulate and protect biometric data, companies that collect, use and store biometric data should consider creating and implementing policies and procedures that incorporate the appropriate security, notice, and consent requirements, even if they are not currently required to do so by law. However, until all 50 states amend their definitions of personal information to include biometric data, privacy leaders must navigate a patchwork of laws and regulations when performing incident risk assessments.

Regulatory Trends: Texas Data Breach “Wall of Shame”

For privacy and compliance leaders, notifiable privacy data breaches aren’t ideal, but they are necessary. In September 2021, Texas house bill House Bill 3746 will allow the state attorney general to publicly list organizations who have issued data security breach notifications. At an important moment for privacy regulation, does this regulatory environment encourage organizations to notify when obliged, or does it discourage compliance with legislation?

Creating a Unified Framework for Global Incident Response

As privacy regulations expand, creating a unified framework for global incident response process may be the key to compliance worldwide.