The Connecticut State Government signed the Connecticut Data Privacy Act (CTDPA) into law on May 10, 2022, and the law became effective on July 1, 2023. The CTDPA joins the ranks of other US state privacy laws, like the California Consumer Privacy Act (CCPA) and the Colorado Privacy Act, providing Connecticut consumers with robust data privacy rights and protections.

The Oregon State Government passed Senate Bill 619, also known as the Oregon Consumer Privacy Act (OCPA), in July 2023. The OCPA will become effective on July 1, 2024, the same day the Texas Data Privacy and Security Act will also impose obligations on data controllers and processors. Oregon’s privacy legislation follows the structure of several other US data privacy laws, including the Colorado Privacy Act, the Virginia Consumer Data Protection Act, and the Montana Consumer Privacy Act.

Alexandre Dumas's timeless novel "The Three Musketeers" immortalized the ideal of unyielding solidarity, the enduring motto "All for one and one for all." In the face of ever-evolving threats in the digital realm, the European Union echoes this spirit with its landmark Cyber Solidarity Act.

In today’s digital age, the exchange and storage of information has become very common in all sectors of the world, healthcare being no exception. But with this transmission and storage comes the dangers of security and unauthorized access. The Health Insurance Portability and Accountability Act (HIPAA) was enacted with stringent regulations to safeguard this data and its violations can be severe.

In an era where technology and transportation converge, the fusion of vehicles with IoT technologies heralds a new dawn of mobility. This leap forward promises enhanced connectivity and autonomous capabilities, yet casts a shadow of cyber vulnerabilities that could jeopardize not just the integrity of the vehicles but the safety of their passengers.

The EU Cyber Solidarity Act is a new initiative that follows the European Union's latest efforts to build stronger cyber defenses against evolving cybersecurity threats. This legislation introduces a new strategy for enhanced cooperation between EU member states and focuses on how EU nations can better prepare and respond to cyber incidents.

In a regulatory landscape where new national, vertical, or international regulations are published on what seems like a weekly basis, the European Commission’s NIS2 Directive stands out. This legislation, which applies to all organizations operating across the European Union, has provided legally binding measures which organizations must abide by in order to ‘boost the overall level of cybersecurity in the EU.’

Montana Governor Greg Gianforte signed Senate Bill 384, the Montana Consumer Data Privacy Act (MTCDPA), on May 19, 2023. The consumer privacy law will become effective on October 1, 2024, and requires covered entities that process personal data to comply with several transparency and disclosure obligations. The MTCDPA follows the structure and scope of other US state data privacy laws, including the California Consumer Privacy Act, Tennessee Information Protection Act, and Colorado Privacy Act.

Tennessee Governor Bill Lee passed the Tennessee Information Protection Act (TIPA) on May 11, 2023. TIPA becomes effective on July 1, 2025, and groups Tennessee with California, Colorado, Virginia, and other states that have published their own data privacy law while waiting for a comprehensive federal law from the U.S. Government.

The EU Cyber Resilience Act (CRA) is a major piece of cyber legislation passed in 2024 in the European Union (EU) that regulates cybersecurity for digital products and services. The EU Cyber Resilience Act directly complements the NIS2 Directive, which regulates risk management and incident reporting across the European market.