Privacy And Cybersecurity CLE
Quimbee's privacy and cybersecurity continuing legal education (CLE) courses deliver the content lawyers need with engaging videos that are fun to watch.
Start your FREE 7-day trial
Privacy And Cybersecurity FAQ
Quimbee Privacy and Cybersecurity Law CLE Online
If you’re looking for a simple, engaging way to learn about privacy and cybersecurity law and fulfill your continuing legal education (CLE) requirements, look no further than Quimbee CLE online.
All Quimbee CLE online courses are built from the ground up by our world-class team of attorneys and designers. Our goal is to create a product that will not only help you meet your CLE requirements but will actually be enjoyable. Sign up for a Quimbee CLE course today!
An Overview of Privacy and Cybersecurity Law
Privacy law is an area dealing with the regulation, storage, and use of personal information - including identification, healthcare materials, and financial information - and cybersecurity is a subtype of privacy law. While U.S. law offers no universal definition of “cybersecurity", generally, cybersecurity law relates to the safeguarding of information technology and computer systems. Protecting sensitive data has become a vital imperative to many businesses across the country.
Cybersecurity laws may include laws related to cybercrime (e.g., hacking), cyber-attacks or terrorism (e.g., ransomware attacks), as well as general security practices required of businesses and government entities.
At the federal level, the United States has enacted three major cybersecurity regulations. The 1996 Health Insurance Portability and Accountability Act (HIPAA), 42 U.S.C. § 1320d–6, implemented standards to protect sensitive patient health information. The 1999 Gramm-Leach-Bliley Act, 15 U.S.C. § 6801, requires financial institutions to safeguard sensitive data. The 2002 Federal Information Security Management Act (FISMA), 44 U.S.C. § 3561, implemented information-security policies for federal agencies. Businesses may also need to comply with relevant state laws (such as the California Consumer Privacy Act) and international regulations (such as the General Data Protection Regulation.)
Who Should Take CLE Courses in Privacy and Cybersecurity Law?
In our increasingly public and tech-centered world, neither privacy nor cybersecurity issues certainly are not going away any time soon. As the world continues to move online, cybersecurity laws and regulations will continue to be refined and updated. For any lawyer working on privacy and cybersecurity issues, a CLE course in this field is one of the best ways to stay up-to-date on the legal developments in your industry. Attorneys practicing business or commercial law will benefit from a CLE course in privacy and cybersecurity, as more businesses are having to comply with regulations about data security. Insurance law practitioners may have an interest, as many companies are taking out cyber liability policies. Government and nonprofit attorneys may find these courses useful as well since cybersecurity threats can cripple the functions of their institutions.
You might also be interested in...
Cyber Security for Law Firms 101
Cyber security issues across numerous industries have been hard to miss in recent years and law firms are no exception. In this introductory discussion, we’ll talk about the basics of cyber security as it pertains to law firms. Along the way, we’ll discuss the wide array of threats to law firm and client data, electronic scams, tricks and the consequences that can come with them, as well as the steps to take in order to prepare for the next inevitable attack.
Legal Ethics and Cyber Security
In 2012, the American Bar Association implemented “technical amendments” to a number of the Model Rules of Professional Conduct in order to address the evolution of technology in legal practice and the obligation to secure client data. We will discuss the amendments, subsequent ABA Formal Opinions clarifying the Rules’ application in practice, and basic steps needed to comply with the Rules. We will cover measures to secure the confidential client data on your firm network, individual computers, and mobile devices.
Trickery, Deceit, & Cyber Scams
Cyber security is generally seen as a technological field, but criminal hackers often employ low-tech "social engineering" attacks against people using the networks they seek to target. These attacks are actually the initial cause of most data breaches and other security incidents. How do they work? And what can you do to protect your clients and your practice?
Privacy & Data Security Challenges in Remote Work
At two years into the pandemic, remote work is still a fact of life for many employers and employees, and cyber threats continue to rise. What are the challenges in ensuring that employers’ privacy and security policies are compliant and effective in these circumstances? This program will review regulators’ current best practices and provide tools to help lawyers advise their clients on the cybersecurity and data privacy rules and principles essential in remote work environments.
What Every Attorney Needs to Know About Cybersecurity and Data Privacy
Attorneys in firms of all sizes – from solo practitioners to lawyers are multinational Big Law firms - face a number of ethical issues relating to cybersecurity, and preserving the confidentiality and security of their clients’ data. Contrary to what some lawyers may believe, law firms are often a valuable target for hackers because they can hold vast collections of sensitive and highly valuable client-related data. These cybersecurity threats come from individual hackers, international cybercriminals, and even a firm’s own attorneys and other employees. This program provides a basic primer on attorneys’ ethical obligations to understand and address the cybersecurity risks they face, and provides practical advice for attorneys in addressing issues that arise will undoubtedly arise in their legal practice.
Ransomware Part II - So You've Been Attacked, How to Respond
Now you know about ransomware. You know the types, you know how the attacks work, and you know what to do and not do in response to an attack. But so far, we’ve focused on how to stop the attack and resume operations as soon as possible. But in most cases, a ransomware attack also impacts individuals outside of an organization – customers and clients.
Current Issues in Technology Part II
This course is designed to expand on various issues under the umbrella of technology law. In every aspect of a lawyer’s career, technology plays a role. Technology is so important to today’s lawyer that state Bars are starting to add a technology element to required CLEs. This course provides a summary of issues related to e-discovery issues should litigation ensue and addresses attorney duties in regards to data security.
Cybersecurity Work From Home
For some time, 21st Century workers have had access to a huge set of sensitive electronic information – some reflecting proprietary company information and a broad swath of it containing private information as to individual customers and workers. Now, with widespread Working From Home (WFH) wrought by the pandemic, cybersecurity is more important than ever. Every modern organization/client, in-house legal department and law firm needs to train and monitor workers as to a wide range of key do’s and don’ts. This action-packed webinar will cover a host of practical tips relating to: 1) physical security; 2) data security; and 3) video and audio calls over the web. The presenter, a nationally recognized lawyer, technologist and educator, will also provide an overview of what to do in the throes of an incident in which data appears to have been compromised.
Preparing for the Inevitable: How to Get Ready for and Respond to a Data Breach
Cyber attacks threaten all businesses and, sooner or later, every business finds themselves to be the victim of one. Responding to a cyber incident quickly and effectively can help businesses avoid substantial fines and litigation. But how do you prepare? By using facts and scenarios from actual cases, and reviewing the latest developments in the law, this course will provide practical advice for attorneys in helping their clients prepare for and respond to a data breach.
GDPR Fundamentals
In this course you will learn the basics of the world’s leading privacy law – the General Data Protection Regulation (GDPR). We will address key provisions of the GDPR including who it applies to and the obligations it imposes. We will address the fundamental privacy rights of individuals including the right to privacy, the right to transfer personal data, the right to be forgotten and more.
The Ethics of Cybersecurity
This CLE program will help lawyers understand how using technology responsibly and protecting electronic data are actually ethical obligations. The first part of the program examines a lawyer’s duty of competence (rule 1.1) with respect to data security. The second portion of the program explains a lawyer’s confidentiality (rule 1.6) obligations with respect to protected client information. The third portion of the program analyzes how, and when, a lawyer needs to communicate (rule 1.4) a suspected data breach to her client. The final portion of the program discusses the Rules governing the supervision of trained IT professionals (rule 5.3).
Cyber Security in Large Law Firms
Large law firms are constantly fending off a variety of ever-evolving electronic threats. Some are sophisticated, some not so much. They include electronic attacks, misplaced and stolen devices, everyday mistakes and an endless assortment of tricks and scams. Any of these can lead to serious consequences. In this program, we’ll discuss those threats and the consequences that can come with them, as well as measures to reduce the risk to organizational assets and prepare for the inevitable next attack.
Cybersecurity and Data Privacy Law: The Basics
As data breaches continue to proliferate, state legislatures across the country have strengthened their existing data privacy and protection statutes, or have created new ones, with an increased focus on consumer protection. This program will provide an overview of trends in this legislation, with an emphasis on how the states are shifting their focus towards compressive data privacy laws that put more control over how personal data is used into the hands of consumers. The program will also provide an overview of cyber best practices, and how those practices translate into statutory best practices.
The California Consumer Privacy Act: Everything You Need to Know
High-profile data privacy scandals and foreign privacy laws, such as Europe’s General Data Protection Regulation, prompted California to adopt the first comprehensive data privacy law in the United States in 2018, with other states following closely behind. This course focuses on the California Consumer Privacy Act (“CCPA”), detailing which entities fall within its scope, what kind of data it protects, and how businesses can comply with it, including the amendments to the CCPA passed by ballot initiative in 2020.
Cybersecurity Threats to National Security: The Biden Administration’s Response
Cybersecurity attacks and the threat actors that perpetrate them are increasingly threatening our National Security – and the Biden Administration has taken notice. Accordingly, various legislatures and regulators have identified cybersecurity as a key focus, implementing new laws and regulations to encourage businesses in various sectors to enhance security protections for covered data. Additionally, regulators are increasingly pursuing enforcement actions related to cybersecurity security. In this session, we will provide an update regarding recent cybersecurity rules, regulatory guidance, and legislation. Participants will gain an overview of the cybersecurity regulatory landscape and best practices to meet the requirements of the robust cybersecurity regulatory environment.
Surveillance, Social Media and Spying Part I: Wiretaps, Audio Evidence and Video Surveillance Rules
This course discusses the rules surrounding audio recordings, the wiretap act and video and audio surveillance. The course details the basic statutory and common law rules regarding private party surveillance and how that applies to civil litigation.<br>
Surveillance, Social Media and Spying Part II: Computer Traipsing, Social Media, Tracking Devices, Facial Recognition and More!
This course further expands the principles learned in Part I by comparing the statutory framework to common law invasion of privacy. This course will address how both those systems interplay with new technology such as social media, GPS tracking devices, facial recognition, and drone technology. These rules will center on their applicability to private party surveillance as opposed to government surveillance and how it affects civil litigation.
Corporate Transparency Act: A Primer
The Corporate Transparency Act is going to change dramatically the way that founders and investors in privately-held companies interact with each other. The CTA, once implemented, will require roughly 25 million U.S. companies to file a beneficial ownership report with FinCEN, the Financial Crimes Enforcement Network of the U.S. Treasury. Each beneficial ownership report will contained personally-identifiable information (PII) about each of the company’s “company applicants” and “beneficial owners.” FinCEN will maintain a database of beneficial ownership information that will be confidential, but accessible by specific law enforcement agencies pursuant to regulations that FinCEN will adopt. Understanding how the CTA will change the interactions between founders and investors will allow attorneys to modify the contractual relations between those parties in anticipation of the CTA coming into effect.
Email Communications for Lawyers: Strategies and Ethics
Lawyers and staff are drowning in email, and many feel helpless when trying to get it under control. While communicating with clients via email may be quick and easy, there are ethical pitfalls that can cause problems for unwary lawyers. This program will cover how to efficiently store and organize email and attachments, successfully deal with high email volume, and communicate ethically and effectively with clients.
General Liability Insurance Coverage for Data Breaches
This course will provide an overview of the insurance coverage provided by Commercial General Liability (CGL) policies. This overview will include a summary of an insurer’s duties to defend and indemnify its policyholder for losses covered by the policy. The presentation will then provide an in-depth analysis of the 2013 Target data breach and ensuing insurance-coverage decision. Finally, the course will conclude with a discussion of the impact the Target decision will have on other policyholders with CGL policies.
Legal Aspects of Record Retention Policies and the Defensible Disposition of Records
Record-keeping and disposition policies and decisions are more important now than ever before, given the ease with which information is created and communicated, the multitude of digital applications, and the constant advancement of technology. Information, in either physical or electronic form, is an essential piece of doing business, yet the legal risks associated with retaining or destroying information are not always appreciated. Lawyers should understand the legal aspects of record-related policies and the possible legal consequences when records that should be kept are instead destroyed so they can counsel their clients when such issues arise.
Navigating the Information Blocking Rule: Compliance Challenges and Risk Mitigation Strategies
On May 1, 2020, the U.S. Department of Health and Human Services (HHS) implemented a paradigm shift in the manner in which patient electronic health information (EHI) is accessed, used, and disclosed through its publication of the Information Blocking Rule. Shifting from a landscape dominated by the Health Insurance Portability and Accountability Act (HIPAA), which imposed a permissible data disclosure framework under its Privacy Rule, the newly passed Information Blocking Rule imposes mandatory disclosure requirements on healthcare actors. Implementing the Information Blocking Rule’s requirements has proven challenging to many health care actors, who still struggle to achieve compliance amidst the shifting regulatory standards. This CLE provides an overview of the Information Blocking Rule and its exceptions, highlights common compliance challenges that have arisen in the information blocking context, and proposes risk mitigation strategies to help health care actors achieve compliance.
Post-Dobbs Privacy and Security: Understanding Legal Protections for Reproductive Health Data
The changing reproductive health landscape has created confusion and fear among individuals identifying as female as to the privacy and security of their sensitive health data. Following the Dobbs decision, many women have abandoned their period tracking and female health technology (femtech) apps out of fear that their health data could be used to prosecute them for an abortion-related crime. This presentation (i) provides an overview of the shifting reproductive health landscape and privacy laws applicable to healthcare providers and femtech companies, (ii) describes how reproductive health data may be accessed and used by law enforcement officers, and (iii) provides suggestions for practical steps that femtech companies and healthcare providers can take now to help the women’s health industry regain consumer trust.
Deep Fakes: A Rising Threat to Cyber Security, Law, & Society
Deepfake technology can be used to create video (and audio) content that looks genuine, but isn’t. It has been used to craft funny parody videos and cute marketing campaigns, as well as spread disinformation, scams and all-too-realistic nonconsensual pornography. Deepfake technology is easy to use, readily accessible, and spreading. In this program, we’ll discuss deepfake-related cyber threats to lawyers and law firms, potential legal consequences, as well as addressing efforts to mitigate the associated risk as technological controls – and the law – try to catch up.
Privacy in the Skies - Overview of Federal Drone Law
As drone technology continues to evolve and drones evolve from novelty items to a central part of business operations in a variety of fields ranging from logistics and public utilities to real estate and construction, commercial drone operators must ensure that their operations comply with emerging federal drone privacy law. In this overview of the provisions of the FAA Reauthorization Act of 2018 governing the privacy practices of commercial drone operators, we cover key provisions governing operators’ privacy policies and compliance with the emerging patchwork of state and local information privacy and security laws. We also address emerging issues in federal preemption law related to the applicability of state and local information privacy and security laws to the aviation sector.
Ransomware Part I - How to Prevent an Attack
Ransomware permeates the news. But what do you really know about it? Well, if you watch this three-part series, the answer will be a lot. We will talk about ransomware, how to respond, how to report, and how to take steps to minimize the impact of an attack. In Part 1, we will talk about ransomware and how to respond to an attack.
Ransomware Part III - Safety Post-Attack
Now you know about ransomware. You know the types, you know how the attacks work, and you know what to do and not do in response to an attack. (Part 1) And you know how to message the attack, when to report to the FBI, and how to negotiate a ransom demand (that is if you watched Part 2). Wouldn’t it have been nice to avoid all of that? While no one can guarantee a ransomware attack won’t occur, your organization can take steps to minimize the likelihood of one happening and minimizing the impact if one does. Interested? Then watch part three of this three-part series.
Traveling Internationally With Digital Data: A Changing Legal Landscape for U.S. Border Searches
Have you ever thought about what is stored in your mobile phone, smartwatch, or laptop when you travel, and who can access that information? This course will address the current state of the law governing searches of international travelers’ electronic devices at the U.S. border. The course will then discuss the changing legal landscape in light of technological advancements in the amount of digital data that people carry with them when they travel.
The Law of Cryptocurrency and Blockchain Technology: What Do Businesses, Investors, and Consumers Need to Know?
From FTX to NFTs, it seems like cryptocurrency and blockchain technology are at the top of news and culture. But which laws apply to this technology, and which government entities regulate this space? And what do businesses, investors, and consumers need to know to avoid legal pitfalls?
Cyber Security for Law Firms 101
Cyber security issues across numerous industries have been hard to miss in recent years and law firms are no exception. In this introductory discussion, we’ll talk about the basics of cyber security as it pertains to law firms. Along the way, we’ll discuss the wide array of threats to law firm and client data, electronic scams, tricks and the consequences that can come with them, as well as the steps to take in order to prepare for the next inevitable attack.
Legal Ethics and Cyber Security
In 2012, the American Bar Association implemented “technical amendments” to a number of the Model Rules of Professional Conduct in order to address the evolution of technology in legal practice and the obligation to secure client data. We will discuss the amendments, subsequent ABA Formal Opinions clarifying the Rules’ application in practice, and basic steps needed to comply with the Rules. We will cover measures to secure the confidential client data on your firm network, individual computers, and mobile devices.
Trickery, Deceit, & Cyber Scams
Cyber security is generally seen as a technological field, but criminal hackers often employ low-tech "social engineering" attacks against people using the networks they seek to target. These attacks are actually the initial cause of most data breaches and other security incidents. How do they work? And what can you do to protect your clients and your practice?
Privacy & Data Security Challenges in Remote Work
At two years into the pandemic, remote work is still a fact of life for many employers and employees, and cyber threats continue to rise. What are the challenges in ensuring that employers’ privacy and security policies are compliant and effective in these circumstances? This program will review regulators’ current best practices and provide tools to help lawyers advise their clients on the cybersecurity and data privacy rules and principles essential in remote work environments.