Photo of Deborah George

Deborah George is a member of Robinson+Cole’s Business Litigation Group as well as its Data Privacy + Cybersecurity Team. Ms. George advises clients on and focuses her practice on data privacy and security, cybersecurity, and compliance with related state and federal laws. She also has experience providing counsel in civil litigation and employment law matters. She has significant experience offering advice and counsel on legal issues related to human services agencies, including Medicaid, as well as drafting and reviewing contracts, business associate agreements, and data use agreements. Read her full rc.com bio here.

Marriott recently won dismissal of a proposed class action data breach lawsuit alleging several violations, including a violation of the California Consumer Privacy Act (CCPA). The case, Arifur Rahman v. Marriott International, Inc. et al., Case No.: 8:20-cv-00654, was dismissed in an Order by U.S. District Court Judge David O. Carter on January 12, 2021.

The Office of the Comptroller of the Currency, Treasury (OCC), the Board of Governors of the Federal Reserve System (Board), and the Federal Deposit Insurance Corporation (FDIC) recently announced a “Notice of Proposed Rulemaking for the Computer-Security Incident Notification Requirements for Banking Organizations and Their Bank Service Providers.” This new rule would require a banking

On December 11, 2020, California Attorney General Xavier Becerra released the fourth set of proposed modifications to the regulations of the California Consumer Privacy Act of 2018 (CCPA). This fourth set of proposed modifications is in response to comments received to the third set of modifications that were released on October 12, 2020. According to

There is a new federal IoT law, H.R. 1668, the IoT Cybersecurity Improvement Act of 2020, that recently passed the House and Senate and was signed by the President on December 4. The bill had 26 co-sponsors, representing Democrats and Republicans almost equally, and enjoyed bipartisan support in an era that has not seen

The California Consumer Privacy Act (CCPA) requires businesses covered by the CCPA to notify their employees of the categories of personal information the business collects about employees and the purposes for which the categories of personal information are used. The categories of personal information are broadly defined in the CCPA and include personal information such