Choose Site
TECHNOLOGY, OUTSOURCING, AND COMMERCIAL TRANSACTIONS
NEWS FOR LAWYERS AND SOURCING PROFESSIONALS
Last week, we posted on the guidance issued by the US Department of Labor (DOL) for plan sponsors, plan fiduciaries, recordkeepers, and plan participants on cybersecurity best practices. Last week’s post focused on the guidance provided for hiring a service provider. In this week’s post, we will highlight some the DOL’s cybersecurity program best practices for use by recordkeepers and other service providers responsible for plan-related IT systems and data.
The US Department of Labor (DOL) recently announced guidance for plan sponsors, plan fiduciaries, recordkeepers and plan participants on cybersecurity best practices. The guidance focuses on three areas: (1) tips for hiring a service provider; (2) cybersecurity program best practices; and (3) online security tips. In this post, we will focus on the DOL’s tips for plan sponsors and plan fiduciaries in selecting a service provider.
Spotlight
Welcome to the second post in our Spotlight series, where we talk with a leader in a particular field or emerging area of interest to technology and sourcing lawyers and professionals.
In November 2020, Massachusetts voters approved Question One, a ballot initiative amending the Commonwealth’s 2012 Right to Repair Law. The amendment provides that motor vehicles sold in Massachusetts “with model year 2022” will be required “to equip any such vehicles that use telematics systems – systems that collect and wirelessly transmit mechanical data to a remote server – with a standardized open access data platform. Owners of motor vehicles with telematics systems would get access to mechanical data through a mobile device application.”
Traders selling goods, services, and/or digital content online to consumers in the United Kingdom and the European Union need to comply with laws requiring the provision of certain information as part of the sales process.
The European Commission (Commission) published draft Article 28 standard contractual clauses (Article 28 Clauses) last month for use between controllers and processors when processing personal data in the European Union. Somewhat confusingly, these clauses share the same name as the new Standard Contractual Clauses for personal data transfers out of the EEA, which were also published in November 2020; however, the two are distinct.
The World Intellectual Property Office (WIPO) held its third “Conversation on Intellectual Property and Artificial Intelligence” on November 4, 2020, to discuss its revised issues paper on Intellectual Property Policy and Artificial Intelligence.
The California Privacy Rights Act of 2020 (CPRA), which expands consumer privacy rights, passed as California Proposition 24 on November 3, 2020.
The UK Information Commissioner’s Office (ICO) has recently handed down two of the largest fines relating to a data breach in UK history.
Please join us on November 11 for a webinar discussing Russian privacy laws. Technology, outsourcing, and commercial transactions partners Anastasia Dergacheva and Ksenia Andreeva will discuss privacy regulations worldwide and trends for 2021, with a focus on Russian privacy law.