What’s Happening with Data Privacy and Cybersecurity in 2023?

Data Privacy Day has come and gone, but here is an encapsulated version of the National Law Review’s Top 10 data privacy and cybersecurity predictions for 2023.

(1) The year 2023 will see a significant increase in the number of lawsuits, perhaps including Office for Civil Rights compliance reviews relating to medical information privacy and HIPAA.

(2) Nine new states are considering consumer privacy bills: Indiana, Iowa, Kentucky, Mississippi, New York, Oklahoma, Oregon, and Tennessee.

(3) California will be the first state to adopt a comprehensive law addressing children’s online privacy.

(4) We will see more regulation on the monitoring of and privacy protections for employees beyond their home office.

(5) The federal government may enact a national privacy standard this year.

(6) As the use of AI and automated decision systems proliferates, safeguarding individuals’ privacy will be a growing concern.

(7) There will be more privacy-related lawsuits as new privacy laws are enacted.

(8) Companies transferring personal data internationally may soon leverage the new EU-U.S. Data Privacy Framework.

(9) With states tightening their data breach notification requirements, organizations will likely face more enforcement actions.

(10) As small to medium-sized providers have been under threat, the Cybersecurity Infrastructure Security Agency (CISA) is focusing more on critical infrastructure.