From privacy legislation to health data and crypto-asset regulations, this quarter’s legal and information governance update covers a wide range of new laws and regulations.
Throughout the update, we’ve included notations in italics, where applicable, if the regulatory updates have been added to our IG and retention management software, Virgo™, as a courtesy to active clients.
Continue reading to become informed of the latest regulatory and provisional information you need to do your job as efficiently and confidently as possible!
This new law, which goes into effect on July 1, 2024, regulates the collection, storage, and processing of personal data of children under eighteen.
Cited in Virgo as, “CAL. CIV. CODE § 1798.99.31(a)(1)” under the Title, “The California Age-Appropriate Design Code Act”.
Virgo citations will be available when final text published in Indiana Code Annotated
Virgo citations will be available when final text published in Iowa Code Annotated
Virgo citations will be available when final text published in Montana Code Annotated
Virgo citations will be available when final text published in Tennessee Code Annotated
Effective March 31, 2024, this law creates new restrictions on the collection and disclosure of consumer health data by companies in Washington or that process health data of Washington residents. It seeks to protect consumer location data and restrict the sharing of health data for advertisements or other purposes unless companies obtain consent from consumers. It also gives consumers a private right of action and companies could face enforcement actions and penalties of up to $7,500 per violation. Consumers will have the right to request access to or deletion of their health data, and businesses must provide a list of all third parties/affiliates who receive health data from the business, including contact information.
Virgo citations will be available when final text published in the Revised Code of Washington Annotated
Join us as we break down the realities of AI, discuss practical steps to future-proof your governance strategies, and have some fun along the way. You’ll hear from experts who know exactly what’s happening (and not happening) in AI regulation,…
Effective July 31, 2023, the SEC will require additional quarterly disclosures by issuers when repurchasing their shares, including:
These amendments include a new 2-year retention requirement for written representation from directors or senior management relied on when determining whether to check the box under “Issuer Purchases of Equity Securities” as part of the required additional disclosure form.
Cited in Virgo as, “17 C.F.R. § 229.601(b)(26)(vi)” under the subheading, “Standard Instructions for Filing Forms Under Securities Act of 1933, Securities Exchange Act of 1934 and Energy Policy and Conservation Act of 1975—Regulation S–K”.
The Regulation of the European Parliament and of the Council on Markets in Crypto-Assets provides a unified regulatory framework for crypto asset markets in the EU. On April 20, 2023, MiCA was formally adopted by the European Parliament and is expected to be published in the official journal in the summer of 2023. Most provisions are expected to come into effect in January 2025, but certain requirements concerning asset-referenced tokens and e-money tokens will apply 12 months after the rules come into force. MiCA is slated to become the first major comprehensive regulatory framework on crypto assets. This new Act imposes security-related requirements for organizations that make, import, or distribute any products capable of connecting to the internet or a network.
Crypto-asset service providers shall keep records of all crypto-asset services, activities, orders, and transactions undertaken by them for 5 years. Those records shall be sufficient to enable competent authorities to fulfill their supervisory tasks and to take enforcement measures, and to ascertain whether crypto-asset service providers have complied with all obligations including those with respect to clients or prospective clients and to the integrity of the market.
Citations in Virgo coming later this Summer under the Title, “Markets in Crypto-Assets (MiCA) Regulation”.
As stated by the Minister for Children, Equality, Disability, Integration, and Youth, this new Act, “represents a significant advance in workers’ rights in Ireland. It recognises the importance of family life and an improved quality of life for all workers, by supporting employees to achieve a better balance between their home lives and work lives.” New to this law is the right to request flexible working for parents; the right to request remote working for all employees; 5 days unpaid leave for medical care; and 5 days paid leave for victims of domestic violence.
Employers who approve remote working arrangements shall keep records of these arrangements for 3 years. These records should show the period of employment of each employee and the dates and times upon which each employee was on an approved remote working arrangement.
Cited in Virgo as, “Act No. 8 of 2023, s. 28” under the title, “Work Life Balance and Miscellaneous Provisions Act 2023”.
This new Law reorganizes the Spanish securities market regulation, adapting it to the recent provisions in several European directives, particularly in crypto-assets, and simplifies procedures to increase the competitiveness of the Spanish securities market. It also introduces new provisions related to tender offers, and investment services firms, and collective investment vehicles. This law repeals the following pieces of legislation:
This new law still requires audited annual and semi-annual financial reports to be kept for at least 10 years. Records of all services, activities, and operations, including recordings of telephone conversations or electronic communications related to these activities, must be kept for at least 5 years and when the National Securities Market Commission (CNMV) so requests, for a period of up to 7 years.
Various citations in Virgo under the citation, “Law 6/2023, of March 17” and title, “Law 6/2023, of March 17, on Securities Markets and Investment Services [Ley 6/2023, de 17 de marzo, de los Mercados de Valores y de los Servicios de Inversión]”.
To learn more about how to address records retention, data privacy and security requirements more efficiently, request a call with an Access expert, or request a product demonstration of Virgo.
Share