Computer and Software Law
California enacted the most comprehensive data privacy laws in the US – it goes into effect on January 1, 2020 (see The California Consumer Privacy Act recent blog post). In the meantime, other states are following suit. If you do business with individuals or companies outside Minnesota, make sure you are keeping up to speed with these new laws! Texas has amended the laws that apply to data breaches, this change applies on January 1, 2020. What is a data breach? Well, it can be slightly different from state to state, which is part of the challenge. In Texas, the law concerns sensitive personal information, which is defined as 1) an individual’s first name or first initial and last name in..
DOES IT APPLY TO YOU? Do you do business in California, or otherwise collect personal information from California residents? (Hint, if you operate a website, this likely applies to you). Note that the CCPA does not apply to non-profits. It has been a year since California passed the most comprehensive data privacy laws in the U.S., and those laws go into effect in January of 2020. Is your business ready for this??? Many have been waiting for amendments to pass, but as this hasn’t happened yet (and may not for many months) the time has come to make sure your business is in compliance. Even if it applies to you, the CCPA has some important exceptions, designed to keep small businesses..
“No”, you say, “they are great business people, and we have an IT department!” That answer could cause you trouble. With all due deference to your IT department, it is quite possible that its expertise does not include the legal aspects of cybersecurity. It will no doubt ensure appropriate encryption and firewalls, but does it have the authority (or expertise) to advise you on data privacy laws and breach notification requirements? Can it develop compliant notices and work with your insurance company on any claims? It will know how to stop the breach (assuming it is an electronic one) but what then? Do not rely on your IT department to provide legal advice on cybersecurity. This is one of the many tasks that should be..
On October 11th BGS attorney Carole Clark Isakson presented a seminar on data privacy issues to a large audience of Anoka County Bar Association attorneys. The seminar, entitled “Basic Electronic Data Security Issues”, addressed the professional and ethical obligations of attorneys in dealing with client (and employee) data in addition to covering privacy laws and how to implement them at law firms and businesses in general. Associate Attorney Nicole Wiebold spoke on the GDPR (General Data Protection Regulation) which became effective in May of this year. Data breaches strike almost a third of US businesses each year, according to one source, and the costs of remediation (coupled with the loss of business and reputation) can result in the failing of many businesses. Protecting client and..