In March of 2021, Virginia became the first state on the east coast with a comprehensive data privacy protection law. The Virginia Consumer Data Protection Act (“CDPA” or the “Act”) goes into effect on January 1, 2023. The CDPA takes inspiration from the EU’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”) but its sponsors avoided some of the weaknesses of those two predecessors.
Attorneys have an ethical duty to protect their clients’ confidential information under the law, but most professional services providers are not automatically bound to do the same. One way the parties to a professional services contract can manage the risks accompanying the necessary access to sensitive information is to address them in a confidentiality statement.
Tricia Dunlap, Esq. & Ben Nelson Ben Nelson is an experienced technologist at SingleStone Consulting who has provided custom application development and technical leadership for the public and private sectors. He is a writer, podcaster, and presenter. ~4 minute read Be Smart(er) about Data Collection In recent years, many businesses have come to perceive data…
Subscribe to our YouTube channel Tricia Dunlap, Esq. ~3-4 minute read SaaS Vendor Evaluation: 3 Criteria For Choosing Software This is part three of a three-part series on choosing software and what SaaS vendor is right for your business. In part one, I talked about principles around data privacy that your business should consider and…
Subscribe to our YouTube channel Tricia Dunlap, Esq. ~3-4 minute read 5 Tips To Secure Your Data: Security For SaaS Applications Let’s talk about security for SaaS applications and its role in choosing a SaaS vendor. This is part two of a three part series on choosing a SaaS vendor because it’s fairly complicated. If…
Subscribe to our YouTube channel Tricia Dunlap, Esq. ~4 minute read What is SaaS and Why You Need To Be Careful: 4 Tips for Picking SaaS Vendors What is SaaS? Software as a Service is necessary for all modern businesses. It includes software such as G-Suite, MailChimp, SalesForce, and Microsoft products. But right now let’s…
~4-5 minute read © Tricia Dunlap The U.S. Data Privacy Legal Landscape is Highly Fragmented The U.S. data privacy legal landscape is a patchwork of federal and state laws. At the federal level, data privacy laws vary by business sector. For example, the federal Gramm-Leach-Bliley Act regulates data collection and use by financial institutions and the Health Insurance Portability and Accountability Act governs collection…
~4-5 minute read © Tricia Dunlap Part 1: What the Heck Are Piggyback Tags and Why Should I Care? Every business website has “Tags” – they are the pixel or code mechanisms that facilitate the collection and sharing of data between your website and the services you rely on for site analytics and marketing. …
~7 minute read Tricia Dunlap, Esq. CIPP/US Working At Home Guidelines We expect cybercrime incidents to increase in the wake of the coronavirus. Thieves usually take advantage of social disruption and fear – cyberthieves will no doubt see COVID-19 as a ripe opportunity. Here are nine working at home guidelines in cybersecurity that you can…
By Tricia Dunlap (Esq. & CIPP/US) Have you read Part 1? Forty-four years ago, in an act of uncommon foresight, Virginia passed its first data privacy law, the Virginia Data Act. The Virginia Data Act is extraordinary for its unequivocal embrace of our rights as citizens in a free society to be protected from state government…
Data privacy bills died in Virginia’s House of Delegates today, January 29, 2020. Two of them will almost certainly be back next year. HB 473, patroned by Delegate Mark Sickles (D-43rd District), gave consumers the right to access their data and determine if it had been sold to a data broker. HB 952, patroned by…
By Tricia Dunlap (Esq. & CIPP/US) On November 8, 2019, Kenya adopted a data privacy law aligned with the European Union General Data Protection Regulation (GDPR). As a result, Kenyans now have more data privacy rights than many Americans. Kenya hopes to attract more investment from foreign tech firms. Recently, they increased data privacy protection legal standards…
By Tricia Dunlap (Esq. & CIPP/US) and Tess Lynch (J.D. 2019 & CIPP/US) Start with these four steps to prepare for the CCPA and ensure your Virginia Business is in compliance. If you’ve read our last blog, you know the California Consumer Privacy Act (CCPA) could impact your business, even if you’re not based in California. Enforcement begins July 1, 2020,…
By Tricia Dunlap (Esq. & CIPP/US) Compared to other states, Virginia’s data privacy and security law narrowly defines what constitutes a data breach and personal information. However, it’s still imperative that business leaders understand the nuances of Virginia’s Law to protect their companies from legal risk. For Virginia businesses, Virginia’s data privacy and security protection…
By Tricia Dunlap (Esq. & CIPP/US) and Tess Lynch (J.D. 2019 & CIPP/US) Is Your Virginia Business Ready for the California Consumer Privacy Act? Companies around the world are paying attention to the wave of data privacy laws emerging from the European Union and the United States. California is the first state to introduce significant…
Even if you’re not a lawyer, you should understand cybersecurity best practices. I rarely appear in court anymore and I no longer do any family law work (not that I did much to begin with). But last fall, an old case resurrected itself when opposing counsel filed a motion to reopen child custody and support…
What Is SaaS? Over the past five years, Software as a Service (SaaS) products saw steady growth. Their increasing rate of adoption and innovation is exciting but can also serve as a cause for concern. SaaS products range from widely spread and universally helpful products like Gmail, Microsoft Word, or Zoom to more niche products…
