Search results

[…] under federal health privacy law at all. Instead, protections depend on the state where a user lives, or whether the product falls under one of a growing number of state-level privacy laws or consumer health privacy laws. Laws like New York’s S929/NY HIPA, which remains in legislative limbo, reflect growing state interest in regulating […]

[…] generate a human-readable response. Stage 2: Embedding contextual information Complex contextual information can be reflected as patterns in high-dimensional vectors. The greater the complexity, the higher the number of features that are needed. These are reflected as parameters of the high dimension vectors. Contrariwise, low dimension vectors contain fewer features and have lower representational […]

[…] likely to result in a “high risk” to data subjects. The draft guidelines propose a two-tier approach to assess this risk, considering both quantitative factors (like the number of data subjects) and qualitative ones (such as data sensitivity). Notably, if a DPIA reveals a high overall risk, organizations may be required to notify the […]

[…] of certain types of personal data. Under the amendments, a controller cannot disclose the following types of data in response to a consumer access request: social security number; government-issued identification number (including driver’s license number); financial account number; health insurance or medical identification number; account password, security question or answer; and biometric data. Instead, […]

[…] data minimization paradigm embodied in MODPA, MHMD, and the NYCPA, the collection of data itself is prohibited unless it is deemed necessary for providing a product or service requested by the consumer. In this regard it is closely related to purpose specification. In a substantive model, collection and use is tied to the nature […]

[…] BOARD MEETING June 11–13, 2025 • Washington, D.C. Sovereignty, Localization, and Related Challenges to Effective Cybersecurity Discussion Leads: John Verdi and Jocelyn Aqua SESSION DESCRIPTION An increasing number of regulations seek to restrict or limit organizations‘ ability to process data in certain countries or outside of specific jurisdictions. These restrictions are creating significant challenges […]

[…] to tie the collection of personal data, and the processing of sensitive data to what is ” strictly necessary” to provide or maintain a specific product or service requested by the consumer. As we approach that law’s effective date , how are you thinking about compliance? Do you see Maryland’s standard as meaningfully different? […]

[…] hospital protocols and support decision-making in the healthcare sector. Finally, Banco do Brasil is developing a Large Language Model (LLM) to assist employees in providing better customer service experiences. The study also highlights the increasing popularity of commercially available generative AI systems such as OpenAI’s ChatGPT and Google’s Gemini among Brazilian users.  In this […]

[…] dra ft cyb er la w s in pla ce as was th e ca se durin g th e dra ft in g of th e East A fr ic a Com munit y (E A C ) Cyb erla w s Fra m ew ork . T he se re ne w […]

[…] Issue Brief begins by highlighting ongoing sub-regional efforts to shape frameworks for cross-border data flows, including through the work by the African Union, the Economic Community of East African States (ECOWAS), the East Africa Community (EAC), and the Southern Africa Development Community (SADC). These efforts show early alignment toward shared standards, but also underline […]