Virginia Leads The Way: The Virginia Consumer Data Protection Act

By Tricia Dunlap

In March of 2021, Virginia became the first state on the east coast with a comprehensive data privacy protection law. The Virginia Consumer Data Protection Act (“CDPA” or the “Act”) goes into effect on January 1, 2023. The CDPA takes inspiration from the EU’s General Data Protection Regulation (“GDPR”) and the California Consumer Privacy Act (“CCPA”) but its sponsors avoided some of the weaknesses of those two predecessors.

The Confidentiality Clause Curse: Should Your Professional Services Contract include a Confidentiality Clause?​

By Brandy Brown

Attorneys have an ethical duty to protect their clients’ confidential information under the law, but most professional services providers are not automatically bound to do the same. One way the parties to a professional services contract can manage the risks accompanying the necessary access to sensitive information is to address them in a confidentiality statement.

Be Smart(er) about Data Collection

By Tricia Dunlap

Tricia Dunlap, Esq. & Ben Nelson Ben Nelson is an experienced technologist at SingleStone Consulting who has provided custom application development and technical leadership for the public and private sectors.  He is a writer, podcaster, and presenter. ~4 minute read Be Smart(er) about Data Collection In recent years, many businesses have come to perceive data…

SaaS Vendor Evaluation: 3 Criteria For Choosing Software Part 3

By Tricia Dunlap

Subscribe to our YouTube channel Tricia Dunlap, Esq. ~3-4 minute read SaaS Vendor Evaluation: 3 Criteria For Choosing Software This is part three of a three-part series on choosing software and what SaaS vendor is right for your business. In part one, I talked about principles around data privacy that your business should consider and…

5 Tips To Secure your Data: Security For SaaS Applications Part 2

By Tricia Dunlap

Subscribe to our YouTube channel Tricia Dunlap, Esq. ~3-4 minute read 5 Tips To Secure Your Data: Security For SaaS Applications Let’s talk about security for SaaS applications and its role in choosing a SaaS vendor. This is part two of a three part series on choosing a SaaS vendor because it’s fairly complicated. If…

Part 2 Piggyback Tags and the California Consumer Protection Act

By Tricia Dunlap

~4-5 minute read © Tricia Dunlap  The U.S. Data Privacy Legal Landscape is Highly Fragmented The U.S. data privacy legal landscape is a patchwork of federal and state laws.  At the federal level, data privacy laws vary by business sector.  For example, the federal Gramm-Leach-Bliley Act regulates data collection and use by financial institutions and the Health Insurance Portability and Accountability Act governs collection…

Part 1 Piggyback Tags:  Legal and Operational Risks

By Tricia Dunlap

~4-5 minute read © Tricia Dunlap    Part 1:  What the Heck Are Piggyback Tags and Why Should I Care? Every business website has “Tags” – they are the pixel or code mechanisms that facilitate the collection and sharing of data between your website and the services you rely on for site analytics and marketing. …

Working at Home Guidelines: 9 Cybersecurity Tips

By Tricia Dunlap

~7 minute read Tricia Dunlap, Esq. CIPP/US Working At Home Guidelines We expect cybercrime incidents to increase in the wake of the coronavirus. Thieves usually take advantage of social disruption and fear – cyberthieves will no doubt see COVID-19 as a ripe opportunity. Here are nine working at home guidelines in cybersecurity that you can…

Virginia: No New Data Privacy Laws in 2020

By Tricia Dunlap

Data privacy bills died in Virginia’s House of Delegates today, January 29, 2020.  Two of them will almost certainly be back next year. HB 473, patroned by Delegate Mark Sickles (D-43rd District), gave consumers the right to access their data and determine if it had been sold to a data broker.  HB 952, patroned by…

Kenyans Have More Data Privacy Rights Than Many Americans 

By Tricia Dunlap

By Tricia Dunlap (Esq. & CIPP/US) On November 8, 2019, Kenya adopted a data privacy law aligned with the European Union General Data Protection Regulation (GDPR). As a result, Kenyans now have more data privacy rights than many Americans.  Kenya hopes to attract more investment from foreign tech firms. Recently, they increased data privacy protection legal standards…

Prepare for the CCPA: A 4-Step Plan for Virginia Businesses

By Tricia Dunlap

By Tricia Dunlap (Esq. & CIPP/US) and Tess Lynch (J.D. 2019 & CIPP/US) Start with these four steps to prepare for the CCPA and ensure your Virginia Business is in compliance. If you’ve read our last blog, you know the California Consumer Privacy Act (CCPA) could impact your business, even if you’re not based in California. Enforcement begins July 1, 2020,…

Pt 1 Virginia Data Privacy and Security:Data Breaches in Virginia

By Tricia Dunlap

By Tricia Dunlap  (Esq. & CIPP/US) Compared to other states, Virginia’s data privacy and security law narrowly defines what constitutes a data breach and personal information. However, it’s still imperative that business leaders understand the nuances of Virginia’s Law to protect their companies from legal risk. For Virginia businesses, Virginia’s data privacy and security protection…

Virginia Lawyers and Cybersecurity: What Do The Rules Say?

By Tricia Dunlap

Even if you’re not a lawyer, you should understand cybersecurity best practices. I rarely appear in court anymore and I no longer do any family law work (not that I did much to begin with). But last fall, an old case resurrected itself when opposing counsel filed a motion to reopen child custody and support…

4 SaaS Security Best Practices

By Tricia Dunlap

What Is SaaS? Over the past five years, Software as a Service (SaaS) products saw steady growth. Their increasing rate of adoption and innovation is exciting but can also serve as a cause for concern. SaaS products range from widely spread and universally helpful products like Gmail, Microsoft Word, or Zoom to more niche products…