Press "Enter" to skip to content

Posts tagged as “IT & Data Protection”

Kansas Financial Institutions Information Security Act Approved by Governor

Kansas Gov. Laura Kelly has approved enactment of Senate Bill 44 which requires certain financial institutions to establish information security standards consistent with the federal Gramm-Leach-Bliley Act’s Safeguards Rule, 16 C.F.R. § 314.1, et seq.  The Kansas Financial Institutions Information Security Act becomes effective July 1, 2023.

Ohio Supreme Court Upholds Denial of Coverage for Ransomware Attack Losses

The Ohio Supreme Court recently reversed the decision of an appellate court and reinstated the trial court’s grant of summary judgment in favor of an insurer and against an insured company on the company’s claim for breach of contract and bad faith denial of insurance coverage relating to damages arising from a ransomware attack. 

FTC: Businesses of All Types Subject to Safeguards Rule

Determining whether your business engages in activities that can trigger coverage is discussed by the Federal Trade Commission in just released guidance entitled “FTC Safeguards Rule: What Your Business Needs to Know.” The Rule applies to many businesses beyond the scope of what are commonly understood to be “financial institutions” and has implications for service providers to covered entities.

Amendments to the GLBA Safeguards Rule: What’s New, What’s Not, and What’s Hot for Non-Banking Financial Institutions

The Federal Trade Commission recently amended the Safeguards Rule, 16 C.F.R. § 314.1, et seq., with significant changes to how an information security program should be designed, what it must include, and who needs to be in charge.

11th Cir. Holds Obtaining Consumer Report for Verification and Eligibility Is a Permissible Purpose

In a case of first impression for the U.S. Court of Appeals for the Eleventh Circuit, the Court joined the Sixth Circuit in holding that obtaining a consumer report to verify a consumer’s identity and eligibility for a service is a “legitimate business need” and therefore a “permissible purpose” under the Fair Credit Reporting Act (FCRA).

Calif. App. Court (4th Dist) Rejects Jurisdictional Challenge in Website Accessibility Case

In an action challenging the accessibility of a website to blind and visually impaired people, the Court of Appeals of the State of California, Fourth Appellate District, recently held that a California court may exercise specific jurisdiction over a Georgia LLC where the LLC purposefully availed itself of the privilege of conducting business in California by sending catalogs and selling over $300,000 worth of goods to California residents.

‘Consumer Data Privacy Act’ Introduced in Mississippi With Expansive Coverage

Legislators in Mississippi recently introduced SB 2548. the "Mississippi Consumer Data Privacy Act." The bill contains provisions similar to the California Consumer Privacy Act but goes further than the CCPA with a lower annual gross revenue threshold, applying to any for-profit business, or any entity that controls or is controlled by such a business, that does business in Mississippi.

Arizona Privacy Legislation – Right, Left and Center(ish)

Consumer data privacy appears to be on the minds of legislators in Arizona this session.  As previously mentioned, House Concurrent Resolution 2013 was introduced in Arizona on Jan. 10, 2020, by five Republicans and one Democrat declaring: That the Members of the Legislature oppose the enactment of laws, the adoption of regulations or the imposition of out-of-state standards that would restrict or otherwise dictate standards related to consumer data privacy, absent a clear nexus with consumer harm. That the Members of the Legislature believe a single federal standard for comprehensive consumer data privacy regulation is preferable to a state-by-state approach. Not…