Nicola Kerr-Shaw on Compliance

The Last Piece of DORA Falls Into Place: 10 Lessons From the First Six Months

- What is new: The EU’s Delegated Regulation on Subcontracting has come into force, completing the legal framework of the Digital Operational Resilience Act (DORA). Attention will now turn to enforcement. - Why it matters:...more

7/24/2025 / Compliance , Corporate Counsel , Cybersecurity , Digital Operational Resilience Act (DORA) , Enforcement Actions , EU , Financial Services Industry , Incident Response Plans , Regulatory Requirements , Risk Management

Something Is Better Than Nothing: UK and EU GDPR Reform Finally Arrives

In recent weeks, the EU and UK have both introduced changes to their respective versions of Europe’s landmark privacy legislation, the General Data Protection Regulation (GDPR). These reforms mark the first substantial...more

7/11/2025 / Compliance , Cookies , Data Privacy , Data Protection , EU , General Data Protection Regulation (GDPR) , Member State , New Legislation , Personal Data , Regulatory Agenda , Regulatory Reform , Regulatory Requirements , UK

The EU’s New Cybersecurity Law for the Space Sector

On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more

7/9/2025 / Compliance , Cybersecurity , Data Privacy , Enforcement , EU , National Security , Outer Space , Privacy Laws , Proposed Legislation , Regulatory Requirements , Reporting Requirements , Risk Management

The European Health Data Space – What EU Health Care Providers and Data Holders Need To Know

- On 26 March 2025, the European Health Data Space (EHDS) Regulation entered into force. The regulation establishes a comprehensive framework for health-data sharing and access in the EU, with the dual aim of supporting the...more

6/26/2025 / Compliance , Data Privacy , Data Security , Data-Sharing , Electronic Protected Health Information (ePHI) , EU , Health Care Providers , Healthcare , Healthcare Reform , Intellectual Property Protection , Life Sciences , Noncompliance , Personal Data , Regulatory Agenda , Regulatory Requirements , Shareholders

Rising Investment in AI Requires Financial Sponsors To Address Unique Risks

Key Points - - Accelerated M&A activity by financial sponsors is expected in the near term due to improved market conditions and deregulation under the Trump administration. - With the rapid development of new AI use...more

1/20/2025 / Acquisitions , Artificial Intelligence , Capital Markets , Compliance , Cybersecurity , Data Privacy , Mergers , Private Equity , Regulatory Requirements , Risk Management , Technology Sector

ICO Publishes Outcomes of GenAI Consultation

On 13 December 2024, the UK Information Commissioner’s Office (ICO) published the report of outcomes from its consultation on generative AI (genAI). The report sets out key themes that emerged from responses to the ICO’s...more

1/8/2025 / Artificial Intelligence , Compliance , Consumer Privacy Rights , Data Privacy , Data Protection , General Data Protection Regulation (GDPR) , Information Commissioner's Office (ICO) , Machine Learning , Regulatory Agenda , Transparency , UK

The EU AI Act: What Businesses Need To Know

The newly approved Artificial Intelligence Act (AI Act or the Act) aims to create a secure and trustworthy environment for the development and use of AI in the European Union....more

6/27/2024 / Artificial Intelligence , Compliance , Consumer Financial Products , Consumer Protection Laws , Cybersecurity , Data Privacy , EU , FinTech , General Data Protection Regulation (GDPR) , Intellectual Property Protection , Privacy Laws , Technology Sector

Nicola Kerr-Shaw

Skadden, Arps, Slate, Meagher & Flom LLP

Popular Topics by This Author

Latest Posts › Compliance