Tag archives: Colorado

ICYMI – Late December in privacy and cybersecurity

By David Kessler (US) and Susan Ross (US) on January 30, 2023 Posted in Cybersecurity, Privacy law

Late December and early January tend to be a busy time for everyone, so you may have missed a privacy update or two during that time. We have set out some updates in the form of questions, with some links where you can find more information. Answers are below. 1. Colorado issued a revised draft … Continue reading

US states pass data protection laws on the heels of the GDPR

By Jeewon Kim Serrato (US), Chris Cwalina (US), Anna Rudawski (US), Tristan Coughlin* (US) and Katey Fardelmann (US) on July 9, 2018 Posted in Compliance and risk management, Regulatory response

Data Protection Report - Norton Rose Fulbright

Several U.S. states have recently introduced and passed legislation to expand data breach notification rules and to mirror some of the protections provided by Europe’s newly enacted General Data Protection Regulation (“GDPR”). See our previous blog posts on GDPR here and here. Like their European counterparts, these state laws are intended to provide consumers with … Continue reading

Amended Colorado bill aims to enhance data privacy laws

By on February 21, 2018 Posted in Regulatory response

As Data Protection Report posted on January 29, 2018, lawmakers in Colorado are considering legislation that, if enacted, would significantly strengthen Colorado’s data privacy protections. On Wednesday, February 14, 2018, an amended bill passed unanimously in Colorado’s House Committee on State, Veterans and Military Affairs.… Continue reading

South Dakota and Colorado strengthen data breach protections

By on January 29, 2018 Posted in Regulatory response

Norton Rose Fulbright - Data Protection Report blog

Last week, South Dakota moved closer to implementing a data breach notification law, while Colorado legislators introduced a new bill requiring “reasonable security procedures,” imposing data disposal rules and shortening the time frame in which to alert authorities regarding a breach. South Dakota and Colorado are the latest states taking steps in cybersecurity lawmaking in … Continue reading

Colorado Division of Securities Adopts Final Cybersecurity Rule

By on June 9, 2017 Posted in Compliance and risk management, Regulatory response

Broker-dealers and investment advisers in Colorado will soon be required to comply with new rules designed to protect the electronic information they collect and maintain. On May 19, 2017, the Colorado Division of Securities adopted final cybersecurity rules under the Colorado Securities Act. In addition to requiring written procedures that are “reasonably designed to ensure … Continue reading

Colorado House Advances Bill to Protect Student Privacy

By on April 27, 2016 Posted in Compliance and risk management, Data breach, Vendor management and transactions

State education departments and legislatures are grappling with the privacy implications of the expanded use of technology in classrooms and schools serving as central data repositories of a host of personally identifying information (“PII”) on minors. In New York, a group of parents sued the state’s education department to prevent it from handing over students’ … Continue reading