Regulators in California and Colorado recently announced enforcement sweeps under new and newly updated state privacy laws. Companies in Colorado (including nonprofits) and California should double-check their privacy notices, processes and documentation to comply with these laws, particularly the enforcement priorities identified in the notices.
State Regulators Step Up Privacy Enforcement Relating to Employee Data
By Elliot R. Golding and Allison McSorley Tassel on September 5, 2023
Posted In Privacy and Data Security
Elliot R. Golding
Elliot Golding provides business-oriented privacy and cybersecurity advice to global companies spanning virtually every sector of the economy, with particular expertise in the technology, health care/life sciences, retail/ecommerce, automotive and financial sectors. His practical approach gives clients actionable advice to help balance legal risk with business needs, particularly relating to innovative issues such as “digital health” technologies, biometrics, the Internet of Things, data monetization, online advertising technology and Artificial Intelligence/Machine Learning tools. He provides both day-to-day product counseling and helps companies develop global compliance programs that harmonize CCPA/CPRA (and equivalent laws in Virginia, Colorado, and Utah); GDPR and other international laws; specific rules in the highly regulated health and financial sectors (HIPAA/HITECH, ONC Information Blocking and CMS Interoperability Rules, 42 CFR Part 2, the Common Rule, GLBA, and state equivalents); marketing rules (TCPA, CANSPAM, and industry self-regulatory standards); security standards (such as PCI-DSS, NIST, and ISO); and many others. Elliot has also managed hundreds of breaches and ransomware attacks, guiding clients through all aspects of investigation, notification, remediation and engagement with regulators. Read Elliot Golding's full bio.
Allison McSorley Tassel
Allison McSorley Tassel focuses her practice on privacy and cybersecurity matters. She provides compliance and advisory guidance to clients in a wide range of industries and markets on the evolving privacy legal landscape. Read Allison McSorley Tassel's full bio.
Elliot Golding provides business-oriented privacy and cybersecurity advice to global companies spanning virtually every sector of the economy, with particular expertise in the technology, health care/life sciences, retail/ecommerce, automotive and financial sectors. His practical approach gives clients actionable advice to help balance legal risk with business needs, particularly relating to innovative issues such as “digital health” technologies, biometrics, the Internet of Things, data monetization, online advertising technology and Artificial Intelligence/Machine Learning tools. He provides both day-to-day product counseling and helps companies develop global compliance programs that harmonize CCPA/CPRA (and equivalent laws in Virginia, Colorado, and Utah); GDPR and other international laws; specific rules in the highly regulated health and financial sectors (HIPAA/HITECH, ONC Information Blocking and CMS Interoperability Rules, 42 CFR Part 2, the Common Rule, GLBA, and state equivalents); marketing rules (TCPA, CANSPAM, and industry self-regulatory standards); security standards (such as PCI-DSS, NIST, and ISO); and many others. Elliot has also managed hundreds of breaches and ransomware attacks, guiding clients through all aspects of investigation, notification, remediation and engagement with regulators. Read Elliot Golding's full bio.
Allison McSorley Tassel
Allison McSorley Tassel focuses her practice on privacy and cybersecurity matters. She provides compliance and advisory guidance to clients in a wide range of industries and markets on the evolving privacy legal landscape. Read Allison McSorley Tassel's full bio.
Related Posts
- State Law Privacy Video Series | Employee Exemptions
- Global Employment Law Update
- Passage of California Privacy Act Could Spur Similar New Regulations in Other States
- CCPA Amendment Update: California Legislature Approves Exceptions for HIPAA De-Identified Information and Other Health Data
- Key Takeaways | How to Prepare for New State Health Privacy Laws