Compliance, Definition and Federal law

CPPA Proposed Rulemaking Package Part 2 – Automated Decision-Making Technology

Debevoise Data Blog

FEBRUARY 13, 2025

Most notably, the Draft Regulations definition of ADMT is more expansive than other regulatory definitions in that it includes technology that substantially facilitates human decisionmaking. This closely follows the GDPRs definition of profiling in Article 4(4).

Compliance

Compliance Machine learning Federal law International law

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Clio

JANUARY 30, 2024

HIPAA : The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that requires healthcare providers and “ business associates ” to protect protected health information (PHI) from inadvertent disclosure. Check out our blog post on understanding HIPAA compliance for more information. Are they compliant?

Law firm

Law firm Law Law Due diligence

Washington’s Novel Health Data Law: An In-Depth Look

Debevoise Data Blog

AUGUST 2, 2023

Although states continue to pass comprehensive privacy laws in 2023, Washington’s My Health My Data Act (“MHMDA”) deserves closer attention due to its breadth as well as its novel—and potentially onerous—provisions. What Are the Key Substantive Obligations?

Law

Law Law e-records Time-tracking

Webinars

Uncovering The Hidden Connections: A Patent Family Survival Guide

Fresh Out of School: How to Become an Expert Paralegal

MORE WEBINARS

A Closer Look at 2023 U.S. State Privacy Law Activity: Washington State

Debevoise Data Blog

AUGUST 2, 2023

Although states continue to pass comprehensive privacy laws in 2023, Washington’s My Health My Data Act (“MHMDA”) deserves closer attention due to its breadth as well as its novel—and potentially onerous—provisions. What Are the Key Substantive Obligations?

Law

Law Law e-records Time-tracking

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

Illinois’ Biometric Information Privacy Act (“BIPA”) excludes both “digital photographs” and “information derived from” photographs from the definition of “biometric information.” c) Texas Texas’s biometric privacy law also imposes similar requirements to BIPA, but allows more avenues for compliance.

Law

Law Law Court Time-tracking

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

In this part, we assess where the law seems to be heading and offer some practical risk reduction strategies. Federal and State Legislation There is currently no federal law that specifically regulates biometric privacy. No comprehensive and preemptive federal law seems likely to pass anytime soon.

Compliance

Compliance Federal law Data protection Machine learning

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

The ADPPA adopts a broad definition of “covered data” similar to the EU’s General Data Protection Regulation (“GDPR”) and the CCPA. State Law Preemption, with Exceptions The ADPPA expressly preempts a host of existing state privacy laws, as well as certain federal laws that regulate covered data. ADPPA § 2(9).

State law

State law Federal law Compliance Data protection

NYC’s AI Hiring Law Is Now Final and Effective July 5, 2023

Debevoise Data Blog

APRIL 12, 2023

In this Debevoise Data Blog post, we discuss the current state of the AEDT Law and highlight how the final changes impact employers’ compliance obligations. Examples of tools outside this definition include junk email filters, antivirus software, calculators, spreadsheets, databases, and other compilations of data.

Law

Law Law Compliance Machine learning

New Cyber Incident Reporting Coming for Critical Infrastructure: Five Key Takeaways

Debevoise Data Blog

MARCH 16, 2022

Instead, the Act further centralizes CISA as the primary hub within the federal government for information sharing and allows CISA to refer cases to the Department of Justice and other federal agencies for enforcement and prosecution of other federal laws or regulations. Expanding Federal Cybersecurity Enforcement.

Due diligence

Due diligence Federal law Compliance Attorney

Biden Administration Acts to Limit Access to Sensitive Personal Data by Countries of Concern

Debevoise Data Blog

MARCH 5, 2024

Concurrently, the Department of Justice (“ DOJ ”) released an Advance Notice of Proposed Rulemaking (“ Advance Notice ”), detailing potential definitions for key terms not defined in the Order, discussing the potential regulatory framework to implement the Order (the “ Program ”) and seeking public comment on over 100 related questions. [1]

Compliance

Compliance e-records Federal law Court

Legal Tech Connection

CPPA Proposed Rulemaking Package Part 2 – Automated Decision-Making Technology

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Webinars

Trending Sources

Washington’s Novel Health Data Law: An In-Depth Look

Webinars

A Closer Look at 2023 U.S. State Privacy Law Activity: Washington State

Face Forward: Strategies for Complying with Facial Recognition Laws

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

What the ADPPA Means for U.S. Data Regulation

NYC’s AI Hiring Law Is Now Final and Effective July 5, 2023

New Cyber Incident Reporting Coming for Critical Infrastructure: Five Key Takeaways

Biden Administration Acts to Limit Access to Sensitive Personal Data by Countries of Concern

Stay Connected