We have written here before about the challenges and benefits of getting rid of old data. As we have noted, in light of recent legal, regulatory, and technological developments, companies should reevaluate their long-term data management planning. Last week, the New York Department of Financial Services (“NYDFS”) issued a reminder… Read More
In the lead-up to the EU’s General Data Protection Regulation (“GDPR”) becoming effective on May 25, little attention was paid in the U.S. to the private right of action that the GDPR creates. But so far, private actors have filed approximately 24 cross-border GDPR complaints with EU regulators.
At least … Read More
For years, the default setting at many companies was to keep electronic data indefinitely. Storage is cheap, there are legal risks associated with deleting data, and you never know when an email from 10 years ago is going to become important. Some companies have document management policies, but often they … Read More
A recent article in the American Lawyer highlights the growing relevance of lawyer-led “tabletop” exercises, where companies engage in half-day or full-day drills designed to test their response plans for various crisis scenarios.
Executives are increasingly utilizing these exercises to hone their emergency policies, procedures, and decision-making. Originally developed to … Read More
For U.S. companies subject to the GDPR, figuring out breach notification obligations is about to get even harder as the GDPR adds another layer of complexity to the existing patchwork of 50 different state breach notification laws and several federal ones.
The GDPR will come into force on May 25, … Read More