Skip to content

menu

Current Page: All TopicsHomeAboutServicesSubscribeContact

Search

Close

Enter Search Terms

Cybersecurity Sub-MenuData BreachData SecurityData Privacy Sub-MenuAddress ConfidentialityCCPACPRAFERPAPrivacy PolicyWorkplace PrivacyData Collection Sub-MenuAddress ConfidentialityNotificationVendor ManagementBy Region Sub-MenuCCPACPRAEuropean Privacy RegulationsGDPRGlobal Privacy ControlTechnology Sub-MenuAdtechArtificial Intelligence (AI)Biometric TechnologyBlockchain/Distributed Ledger TechnologyCoverage for Emerging TechnologiesFacial Recognition TechnologyFintechHealthcare Sub-MenuBiometric TechnologyHIPAA / Electronic Health InformationU.S. Department of Health and Human Services (HHS)Insurance Sub-MenuAdditional InsuredsClaims Management and ResolutionInsurance Law DevelopmentsInsurance Policy Applications

Current Page: All Topics

Online and On Point

A Resource for Privacy Developments and Cybersecurity Risks in an Era of Evolving Technology

Topics

Address Confidentiality

ALERT: New State Privacy Requirements for Mortgages Funded After December 1, 2021 Threats, Harassment, and Contact Tracing: Why Privacy Programs are Expanding to Protect Health Care Workers

Adtech

The TCPA Landscape in 2025: Key Developments and Compliance Priorities New TCPA Consent Requirements Out the Window: What Businesses Need to Know Can Privacy Be Bought? How Scrutiny of Meta’s Subscription Model Has Wider Implications - PART I

Announcements

A Letter from the Editors

Artificial Intelligence (AI)

Colorado’s Artificial Intelligence Act (CAIA) Updates: A Summary of CAIA’s Consumer Protections When Interacting with Artificial Intelligence Systems Understanding the Utah AI Act and Newly Effective Amendments: What Your Business Needs to Know AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes

Banking & Financial Services

Understanding the Utah AI Act and Newly Effective Amendments: What Your Business Needs to Know

Biometric Technology

Understanding the Utah AI Act and Newly Effective Amendments: What Your Business Needs to Know Nothing Is Really Private, Until It Is Required to Be: Mississippi Legislature Proposes “Biometric Identifiers Privacy Act” to Protect Individual’s Personal Information Biometric Privacy Law Expansions and Private Rights of Action

Blockchain/Distributed Ledger Technology

Business Email Compromise: The Most Prevalent – and Preventable – Cyber Risk

CCPA

The California “Delete Act” Becomes Law Navigating Data Ownership in the AI Age, Part 1: Types of Big Data and AI-Derived Data Technological and Legal Defenses Against Privacy Attacks on Machine Learning Models

CISA

Balancing Act: Industry Concerns Over CISA's Proposed Cyber Incident Reporting Rule

Claims Management and Resolution

Four New Cyber War Exclusions from Lloyd’s Market Association 3 Cyber Insurance Steps Critical to Cyber-Risk Management

CMMC

Continuing Effort to Protect National Security Data and Networks New “Basic Assessment” Is a Bridge to CMMC for Defense Contractors

Consumer Protection

The TCPA Landscape in 2025: Key Developments and Compliance Priorities New TCPA Consent Requirements Out the Window: What Businesses Need to Know FTC’s “Click to Cancel” Rule to Simplify Subscription Cancellations Becomes Effective

Coronavirus (COVID-19)

A Second Chance for the Public Health Emergency Privacy Act Privacy Requirements under COVID-19 Emergency Rental Assistance Program 2020 Brings Times of Change: Key Privacy Law Updates This Year

Coverage for Emerging Technologies

Colorado’s Artificial Intelligence Act (CAIA) Updates: A Summary of CAIA’s Consumer Protections When Interacting with Artificial Intelligence Systems Navigating Data Ownership in the AI Age, Part 2: Frameworks Governing Data Ownership Navigating Data Ownership in the AI Age, Part 1: Types of Big Data and AI-Derived Data

CPRA

Another Data Privacy Law? Colorado Enacts the Colorado Privacy Act Privacy Litigation Updates for the Financial Services Sector: Claims Against Yodlee Survive and Limited Discovery of Envestnet Allowed Privacy Moves to the East Coast: Virginia Set to Enact Comprehensive Consumer Data Protection Law

Cybersecurity

Colorado’s Artificial Intelligence Act (CAIA) Updates: A Summary of CAIA’s Consumer Protections When Interacting with Artificial Intelligence Systems The Why Behind the HHS Proposed Security Rule Updates Looking Back at the False Claims Act in 2024 as the Government Keeps its Sights on Cybersecurity in 2025

Data Breach

Cybersecurity Awareness Month Spotlight: The 5 Most Essential Reads from Online & On Point Rise in Healthcare Data Breaches & the Impact for Healthcare Providers in 2024 Ninth Circuit Upholds Arbitration in Data Breach Case: A Reminder for Businesses on the Importance of Terms and Conditions

Data Collection

PART 3: Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation Part 2: Children and Location: Ferguson’s FTC Privacy Enforcement Priorities New TCPA Consent Requirements Out the Window: What Businesses Need to Know

Data Privacy

PART 3: Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation Part 2: Children and Location: Ferguson’s FTC Privacy Enforcement Priorities PART 1: “Staying in Our Lane”: Andrew Ferguson’s FTC Philosophy on Privacy Enforcement

Data Security

AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes HHS’s Proposed Security Rule Updates Will Require Adjustments to Accommodate Modern Vulnerability and Incident Response Issues HHS Security Rule NPRM Proposes Makeover for Administrative Safeguard Compliance for Regulated Entities

European Privacy Regulations

Can Privacy Be Bought? How Scrutiny of Meta’s Subscription Model Has Wider Implications --PART II Can Privacy Be Bought? How Scrutiny of Meta’s Subscription Model Has Wider Implications - PART I Who Has My Data? EU Court Rules GDPR Requires Disclosure of Data Recipient Identities, Not Just Categories, in Response to Data Subject Access Requests

Facial Recognition Technology

Nothing Is Really Private, Until It Is Required to Be: Mississippi Legislature Proposes “Biometric Identifiers Privacy Act” to Protect Individual’s Personal Information Biometric Privacy Law Expansions and Private Rights of Action Privacy at the Polls: Portland, Maine Votes to Ban Facial Recognition Technology

False Claims Act

Looking Back at the False Claims Act in 2024 as the Government Keeps its Sights on Cybersecurity in 2025 The False Claims Act in the Age of Digital Privacy The False Claims Act in 2023: A Government Enforcement Update

Federal Agencies

PART 3: Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation Part 2: Children and Location: Ferguson’s FTC Privacy Enforcement Priorities PART 1: “Staying in Our Lane”: Andrew Ferguson’s FTC Philosophy on Privacy Enforcement

Federal Trade Commission

PART 3: Data Categories and Surveillance Pricing: Ferguson’s Nuanced Approach to Privacy Innovation Part 2: Children and Location: Ferguson’s FTC Privacy Enforcement Priorities PART 1: “Staying in Our Lane”: Andrew Ferguson’s FTC Philosophy on Privacy Enforcement

FERPA

The Man Behind the Curtain: College Admissions and FERPA Requests

Fintech

A Fintech Leader’s Thoughts on the North Carolina Regulatory Sandbox Act Technology Boom in NC? What You Should Know About the Proposed Regulatory Sandbox in the Tarheel State Privacy Litigation Updates for the Financial Services Sector: Claims Against Yodlee Survive and Limited Discovery of Envestnet Allowed

GDPR

Navigating Data Ownership in the AI Age, Part 1: Types of Big Data and AI-Derived Data Who Has My Data? EU Court Rules GDPR Requires Disclosure of Data Recipient Identities, Not Just Categories, in Response to Data Subject Access Requests Another Data Privacy Law? Colorado Enacts the Colorado Privacy Act

Global Privacy Control

California Announces Increased Scrutiny on CCPA Violations with Latest $1.2 Million Enforcement Action Settlement Introducing… the Global Privacy Control

Healthcare

Colorado’s Artificial Intelligence Act (CAIA) Updates: A Summary of CAIA’s Consumer Protections When Interacting with Artificial Intelligence Systems Understanding the Utah AI Act and Newly Effective Amendments: What Your Business Needs to Know

HIPAA / Electronic Health Information

AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes The Why Behind the HHS Proposed Security Rule Updates HHS’s Proposed Security Rule Updates Will Require Adjustments to Accommodate Modern Vulnerability and Incident Response Issues

Insurance Law Developments

Ransom Payment Debate Is Reminder to Stick to Cybersecurity Fundamentals Four New Cyber War Exclusions from Lloyd’s Market Association A Fintech Leader’s Thoughts on the North Carolina Regulatory Sandbox Act

Insurance Policy Applications

Four New Cyber War Exclusions from Lloyd’s Market Association 3 Cyber Insurance Steps Critical to Cyber-Risk Management

Investigations/Enforcement

The Pentagon Finalizes Sweeping Cybersecurity Rules for DOD Contractors Mandatory Cybersecurity Incident Reporting: The Dawn of a New Era for Businesses Cybersecurity Enforcement Has Increased, and 2023 Will Be Worse!

Notification

Cybersecurity Awareness Month Spotlight: The 5 Most Essential Reads from Online & On Point

Policies

How Smart Is Your Artificial Intelligence Policy?

Privacy Policy

Phishing Subpoenas – A New Privacy Threat?Pet Stairs, Wiretapping, and Cookies: Implications of the Third Circuit’s Popa Opinion Connecticut Keeps the State Privacy Law Wave Rolling

Ransomware

Cybersecurity Awareness Month Spotlight: The 5 Most Essential Reads from Online & On Point Ransomware Reckoning – The New Bill Changes the Game Mandatory Cybersecurity Incident Reporting: The Dawn of a New Era for Businesses

Regulatory Supervision

FTC’s “Click to Cancel” Rule to Simplify Subscription Cancellations Becomes Effective Executive Order on Cybersecurity Sets Aggressive Timeline Biometric Privacy Law Expansions and Private Rights of Action

State Law Updates

Understanding the Utah AI Act and Newly Effective Amendments: What Your Business Needs to Know Florida Bill Proposes Safe Harbor Against Breach Suits to Businesses Maintaining Recognized Cybersecurity Programs Upholding the FTSA Amendment: Recent Legal Triumphs and Implications for the Future of Florida’s Mini-TCPA

TCPA

The TCPA Landscape in 2025: Key Developments and Compliance Priorities

U.S. Department of Health and Human Services (HHS)

AI Meets HIPAA Security: Understanding HHS’s Risk Strategies and Proposed Changes The Why Behind the HHS Proposed Security Rule Updates HHS’s Proposed Security Rule Updates Will Require Adjustments to Accommodate Modern Vulnerability and Incident Response Issues

Vendor Management

The Pentagon Finalizes Sweeping Cybersecurity Rules for DOD Contractors Navigating the New Frontier of Lead Generation DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

Workplace Privacy

Cybersecurity Awareness Month: A Basic Primer to Keep Your Data & Information Safe 3 Cyber Insurance Steps Critical to Cyber-Risk Management A New Privacy Headache: Virginia’s COVID-19 Workplace Safety Rule is Poised to Impact Privacy

Instagram Twitter LinkedIn Facebook RSS

DisclaimerPrivacy PolicyAttorney Advertising

All Topics
Home
About
Services
Subscribe
Contact

About Our Firm

Bradley is a national law firm with a reputation for skilled legal work, exceptional client service, and impeccable integrity. Our more than 700 attorneys provide business clients around the world with a full suite of legal services in dozens of industries and practice areas. Bradley’s 13 offices are located in Alabama, Florida, Georgia, Mississippi, North Carolina, Tennessee, Texas, and the District of Columbia, giving us an extensive geographic base to represent clients on a regional, national, and international basis. We frequently serve as national coordinating counsel, regional counsel, and statewide counsel for clients in various industries.

Copyright © 2025, Bradley Arant Boult Cummings LLP. All Rights Reserved. Attorney Advertising.

Law blog design & platform by LexBlog