Compliance & Privacy Change: Video of panel discussion SmartEdgeLaw took part in at end of 2018 at NYC Javits Center finally dropped. “Compliance and Privacy Change: 2018 has seen new compliance and privacy changes, specifically with the introduction of GDPR and also with the new California consumer privacy act. How can businesses deal with these […]
Category: Policies
Webinar – 2019 Privacy, Compliance and Risk Management Strategies for Infosec Professionals
Please join SmartEdgeLaw Attorney Richard Santalesa and colleagues for a January 31 webinar covering “2019 Privacy, Compliance and Risk Management Strategies for Infosec Professionals” Information and registration are at: http://www.infosecurity-magazine.com/webinars/2019-privacy-compliance-risk/ Description: 2018 saw a number of new privacy and security compliance acts introduced, including the GDPR, the NIS Directive and California’s Consumer Privacy Act (CCPA), […]
Fairfield County Business Journal Profiles SmartEdgeLaw Group
We’re proud to be featured in the Fairfield County Business Journal. Our practice is tech-focused, reality-driven and above all embrace that legal is here to deliver solutions and recommendations not road blocks. Our firm works throughout CT and NYC and is constantly developing new approaches to meet your legal needs. Westport attorney takes a legal […]
SmartEdgeLaw Quoted on NYDFS Final Cybersecurity Regulations
Attorney Richard Santalesa was quoted on the time and deadlines coming for entities affected by newly enacted New York State Dept of Financial Services CyberSecurity Regs, which went into effect on March 1, 2017 following two rounds of drafts and public comment. The article in SecurityIntelligence, New York State Codifies Financial Cybersecurity Regulations, available here https://securityintelligence.com/news/new-york-state-codifies-financial-cybersecurity-regulations/, […]
Is this the Definitive Cybersecurity Guide? NYSE Guide for Directors & Officers
The following post by SmartEdgeLaw Group attorney, Richard Santalesa, was originally published Oct. 27, 2015 at the International Association of Privacy Professionals’ Privacy Perspectives website. Is this the Definitive Cybersecurity Guide? While many companies come up short on their cybersecurity programs or ability to safeguard data privacy, one area where no gap exists is in the […]
What Does That Clause Mean in State Data Breach Statutes?
In light of the President’s recent call for enactment of the Personal Data Notification and Protection Act, containing a 30-day notification deadline, it’s worth noting that at present most state breach laws require state residents to be notified “without unreasonable delay,” which strikes me as a better compromise. Only Florida (30 days), Ohio (45 days), VT (45 days) and […]
FTC Takes Mobile App Makers to Task – Warns About Empty Promises in Privacy Policies
A new staff report by the FTC, What’s the Deal” – A FTC Study on Mobile Shopping Apps, highlights the FTC”s continued concerns about user data and the mobile ecosphere – particularly how payment disputes are handled by developers of mobile apps in the wake of recent Apple and Amazon app issues.. Following in the wake of the […]
FTC Slaps Snapchat Over Privacy Policy & Practices
Recently, the Federal Trade Commission snapped at Snapchat over its privacy policy and representations made regarding the company’s mobile application. The FTC’s action has raised some eyebrows. But it has also raised awareness that promises made in a privacy policy matter. What did Snapchat do wrong and what are the key takeaways you should adopt […]
SEC Issues Cybersecurity Risk Alert
Building on its stated goals for 2014, the U.S. Securities and Exchange Commission (“SEC“) recently issued a Cybersecurity Risk Alert through its Office of Compliance Inspections and Examinations (“OCIE“) that provides important additional information regarding the SEC’s ongoing initiative to assess cybersecurity preparedness in the financial and securities industry subject to its jurisdiction. As we […]
Update: Registration Open for ABA Privacy and Social Media Webinar – May 7th
Sm@rtEdgeLaw Group™ will be discussing “Privacy and Social Media” in an upcoming American Bar Association webinar May 7th with colleagues at other firms and organizations. Social media is everywhere. Join this webinar for an update on the latest social media legal issues and challenges. Attorney CLE credit available. Register at http://apps.americanbar.org/cle/program//t14pvm1.html?sc_cid=CET4PVM-A Program Description: Program Description: Social media […]
PayPal Provides a Reminder: Keep Tabs on Policy Changes
With PayPal’s recent changes to its User Agreement, Privacy Policy and PayPal Here Agreement, users should take note of several important service revisions – and the changes provide a good reminder to pay attention to those ubiquitous “our policies have changed” notices we all receive. While PayPal’s updates restate current policy they also announce […]
2014 Verizon PCI Report Reveals Much Work Needed For Compliance
Update: Richard Santalesa of the Sm@rtedgeLaw Group was interviewed by Eric Parizo of SearchSecurity.com for the story Verizon PCI report: Pen testing, passwords cause PCI assessment gaffes to discuss PCI and the 2014 Verizon PCI Compliance Report. Verizon’s 2014 PCI Compliance Report (“PCR”) is now available for free download in “pre-release.” Along with Verizon’s annual […]
SEC Steps up Review of Cyber Attack & Breach Response Plans
Is your company ready for 2014? Are your Written Information Security Programs, Risk Management Procedures and Data Incident Response Plans up-to-date, tested and up to today’s dynamic threat landscape? Are you sure? Officials at the U.S. Securities and Exchange Commission (“SEC”) recently announced plans to increase scrutiny of how assets managers at companies subject to […]
FTC’s 50th Data Security Settlement Highlights Best Practices
The FTC’s recently announced “50th data security settlement,” with GMR Transcription Services, has been highlighted by the Commission as a “golden opportunity to check your [data security] practices.” We agree. The facts behind the settlement read like a veritable case study of what not to do and how companies get into hot water with regulators […]
Is Social Networking Disclosing Your Trade Secret Customer Lists?
It was inevitable. First came social networks, then came the lawsuits: In the e-discovery context, in impeachment situations (Ledbetter v Wal-Mart Stores Inc.(06-cv-01958-WYD-MJW) (D Colo April 21, 2009); Mackelprang v. Fidelity Nat’l Title Agency of Nevada, Inc. (D. Nev. 2007); and Beye v. Horizon Blue Cross Blue Shield (D. N.J. 2006)), in the tort context […]
