The last remaining provisions of the amendments to the New York Department of Financial Services’ (DFS) cybersecurity regulation called Part 500 came into effect Nov. 1, 2025.
Continue Reading NYDFS Final Cybersecurity Rules – MFA, Asset Inventory, and Third-Party Risk
Cybersecurity month starts with a critical compliance date for the Department of Justice (DOJ)’s Data Security Program (DSP). Starting on Oct. 6, any U.S. person or company handling Americans’ bulk sensitive or personal data or U.S. government-related data must implement a written data compliance program that lays out specified due diligence, audit, reporting, and recordkeeping processes for covered data transactions.
Continue Reading Incoming Deadlines and Requirements for DOJ’s Data Security Program on Oct. 6, 2025
On July 1, 2025, the California attorney general (AG) announced a $1.55 million settlement (pending court approval) with Healthline Media, LLC (Healthline), who publishes Healthline.com, a health information website. This settlement marks the regulator’s continued focus on online tracking technologies for targeted advertising and the effectiveness of consumer opt-out systems.
Continue Reading California CCPA Settlement: Health Website Penalized for Tracking Non-Compliance
Regulatory authorities globally are prioritizing data deletion rights, including legislation like California’s Delete Act and enforcement actions in Europe and Oregon. Businesses should consider enhancing their mechanisms for handling deletion requests to ensure compliance and build consumer trust.
Continue Reading Enforcement Update: Regulatory Attention Focused on Deletion Requests
David Zetoony, co-chair of GT’s U.S. Data, Privacy and Cybersecurity Practice, and Shareholders Reena Bajowala and Liz Harding will present the MyLawCLE and Federal Bar Association webinar, “Artificial Intelligence and Data Privacy: Current Laws and Regulations in the United States and the European Union,” Jan. 15, 2025.
This program will include an in-depth
The European Data Protection Board (EDPB) has recently (re)positioned itself on several controversial topics and published three new guidelines and opinions. Although not legally binding, they do have a significant influence on proceedings before the supervisory authorities and courts. This GT Alert discusses the EDPB’s new guidelines and their implications for companies dealing with personal
On May 16, 2024, the U.S. Securities and Exchange Commission finalized amendments to Regulation S-P (the Amendments) that largely adopt the proposed amendments the SEC issued in 2023. As discussed in further detail below, the Amendments will require broker-dealers, investment companies, SEC-registered investment advisers, funding portals, and transfer agents registered with the SEC or other
Greenberg Traurig Data Privacy & Cybersecurity attorneys Gretchen Ramos, Darren Abernethy, and Zachary Schapiro will present the CLE webinar, “U.S. Consumer Health Data Privacy Laws in 2024: Washington’s My Health My Data Act and Related State and Federal Developments,” Tuesday, Feb. 27, 2024. State legislatures and the Federal Trade Commission have begun
On Oct. 19, 2023, the CFPB released a proposed rule that, if finalized in its present form, would require covered financial institutions to provide consumers and authorized third parties with access and portability options for their financial data. The CFPB’s proposed rule, called the “Personal Financial Data Rights” rule, would implement Section 1033 of Title