Posts by Hunton Andrews Kurth

Department of Commerce Updates Privacy Shield FAQs

Recently, the Department of Commerce updated its frequently asked questions (“FAQs”) on the EU-U.S. and Swiss-U.S. Privacy Shield Frameworks . Hunton Andrews Kurth explains some of the updates.

Chicago Introduces Data Protection Ordinance

Chicago City Council introduces data privacy ordinance that outlines five keys data protection requirements for Chicago businesses. Hunton Andrews Kurth explains the details.

Colorado Data Breach Notification Law, Security Requirements: Deadline Approaches

Colorado latest data privacy, breach notification and security law takes effect September 1, 2018. Here are the provisions and implications.

Vermont Enacts Nation’s First Data Broker Legislation

Recently, Vermont enacted legislation (H.764) that regulates data brokers who buy and sell personal information. Vermont is the first state in the nation to enact this type of legislation.

Oregon Amends Data Breach Notification Law

Oregon’s amended data breach notification law has new requirements, prohibits fees for security freezes and adds a specific notification timing requirement, Hunton Andrews Kurth explains.

Department of Energy Makes Energy Sector Cybersecurity Moves

The U.S. Department of Energy (“DOE”) Office of Electricity Delivery & Energy Reliability in May released its Multiyear Plan for Energy Sector Cybersecurity. Hunton Andrews Kurth explains.

Arizona Amends Data Breach Notification Law

Arizona recently amended its data breach notification law, which now features a 45-day breach notification requirement. Hunton Andrews Kurth explains.

Attacks Targeting Oil, Gas Sector Renew Cybersecurity Questions

Cyberattacks against a third-party platform used by an oil and gas pipeline trigger fresh questions about critical infrastructure security.

Alabama Data Breach Notification Law Activates June 1

Alabama is the final U.S. state to enact a data breach notification law. The Alabama Data Breach Notification Act of 2018 (S.B. 318), effective June 1, has these requirements.

Second Global GDPR Readiness Report: CIPL, AvePoint Findings

The second Global GDPR Readiness Report explores organizational preparedness for implementing the EU General Data Protection Regulation. Here are the findings.