Wavebreak Media Ltd © 123RF.com

The GDPR Comes to the Golden State

California has hopped on the General Data Protection Regulation (GDPR) bandwagon with the California Consumer Privacy Act just signed into law by Governor Jerry Brown. The new data privacy law – which was unanimously approved by the state legislature and is the strictest in the U.S. – is GDPR-like to the extent it allows consumers to control how their personal data is collected, processed and shared. (Read More)

Günter Menzl © 123RF.com

Digital Switzerland

Microsoft President Brad Smith is the force behind an admirable initiative – the Cybersecurity Tech Accord. By way of the Accord, participants seek to create a “digital Switzerland” made up of some of the leading tech companies in the world. Signatories to the Accord – to date, there are 34 in all, including ABB Group, Arm, Cisco, Facebook, Hewlett Packard, Microsoft, Nokia, Oracle, and Trend Micro – promise, among other things, not to aid or abet any government in committing cyberattacks against innocent civilians or enterprises and, at the same time, to protect victims of cyber crime. (Read More)

Ivan Trifonenko © 123RF

Forecast for Overseas Data: Partly Cloudy

The CLOUD Act was passed as part of the omnibus budget bill signed into law on March 23, 2018, in an attempt to resolve an impediment to law enforcement’s ability to enforce warrants against tech companies based in the U.S. but storing data overseas. (Read More)

asnida marwani © 123RF.com

Is a New Federal Standard for Breach Notification on the Horizon?

In the wake of the recent announcement by Equifax that an additional 2.4 million consumers had personal information stolen as part of the company’s massive data breach in 2017, a light is being shined on related legislation currently pending in the United States House of Representatives. Indeed, lawmakers are once again trying to codify nationwide standards on breach notifications and how data is handled and stored. It appears to be an uphill battle. (Read More)

Dmitry Sergeev © 123RF.com

GDPR contact: Scott Lyon
714.557.7990 | slyon@mrllp.com

GDPR Compliance Strategy

The European Union adopted the General Data Protection Regulation (GDPR) on April 27, 2016, establishing the rights and freedoms of EU residents with regard to how their personal data is collected, processed, shared, and retained. No surprise that companies around the world, including clients of Michelman & Robinson, LLP in a range of industries, are struggling to understand how the GDPR will impact their business operations and how they should respond. As the May 25, 2018 deadline for compliance is fast approaching, we thought it would helpful to provide answers to some of the most frequently ask questions about GDPR. (Read More)

rawpixel © 123RF.com

Insurtech and Cybersecurity Underwriting

The underwriting of cybersecurity insurance policies has long been a challenge. That seems to be changing. At-Bay, a new entrant to the cyber insurance space working out of Mountain View, California and Tel Aviv, promises to harness new technology to improve the process and help insureds better control their cyber risks. (Read More)

asnida marwani © 123RF.com

With New York Cybersecurity Rules in Place, the NAIC Looks to Follow Suit

Michelman & Robinson has written extensively on the cybersecurity requirements for financial services companies that were issued by the New York Department of Financial Services and went into effect on March 1, 2017. These cyber rules, as codified, require insurance and insurance-related companies as well as brokers, agents and adjusters licensed in New York to assess their specific cyber risk profiles and design cybersecurity programs that address such risk in a “robust fashion.”

Now, in the wake of the passage of this law in New York, the National Association of Insurance Commissioners (NAIC) is on the doorstep of adopting an Insurance Data Security Model Law that closely mirrors it in some aspects. And if adopted, the model law will serve as a template for legislation to be enacted state-by-state. (Read More)