Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
Hot Topics in International Trade - Let's Be Serious-Supply Chain Audits
Workplace ICE Raids Are Surging—Here’s How Employers Can Prepare - #WorkforceWednesday® - Employment Law This Week®
REFRESH Five Tax Traps for Business Lawyers Advising Nonprofit Organizations
Hospice Insights Podcast - Hospice Audit Updates: David Beats Goliath
Compliance Tip of the Day: Middle Managers as the Eyes and Ears of Compliance
Episode 365 -- Four Sanctions Cases Everyone Should Know
UPIC Audits
Compliance Tip of the Day: The role of Compliance in Auditing AI
California Employment News: Taking Advantage of the PAGA Reform – How Employers Can Lower Their Risk of PAGA Liability
Auditing Your Hotline and Case Management System
Hospice Insights Podcast - Controlling the Narrative: A New Tactic for Auditors and ALJs
Improving Your Code of Conduct
Now Is the Time to Conduct I-9 Audits: What's the Tea in L&E?
Preparing for — and Surviving — an OFCCP Audit
Hospice Insights Podcast - Meet the New Laws, Same as the Old Laws: Overpayment Recoupment Update
California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
The Measures outline requirements and procedures for self-initiated and regulator-mandated compliance audits from May 1, 2025....more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more
The PRC Personal Information Protection Law (PIPL) mandates regular data compliance audits. Following a consultation period beginning in August 3, 2023, the Cyberspace Administration of China (CAC) issued the Measures for...more
SB 1120 (the “Bill”), which takes effect on January 1, 2025, amends existing California law to adopt guardrails around the use of artificial intelligence tools for the purpose of utilization management. As discussed in a...more
The evolution of artificial intelligence (AI) has introduced systems capable of making autonomous decisions, known as agentic AI. While generative AI essentially “creates” – providing content such as text, images, etc. –...more
The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more
Are you wondering when a US taxpayer should consider the IRS Voluntary Disclosure Program or VDP? Are you concerned about unreported or under-reported income, financial accounts, assets, investments, cryptocurrency or...more
The healthcare industry is among the most highly regulated industries when it comes to privacy protections. In addition to the federal Health Insurance Portability and Accountability Act (HIPAA), healthcare providers also...more
In our rapidly evolving digital landscape, all organizations are facing an onslaught of cybersecurity threats. According to recent research, victims of cyber attacks paid out a record $1.1 billion last year and have already...more
The Background: The California Privacy Protection Agency board ("CPPA" or "Board") is in the process of issuing new regulations as authorized under the California Privacy Rights Act. These three sets of proposed regulations...more
The California Privacy Protection Agency (“CPPA”) published a revised set of Draft Cybersecurity Audit Regulations ahead of the CPPA Board’s December 8, 2023 meeting. When the CPPA Board met on December 8, several key...more
The California Privacy Protection Agency (“CPPA”) issued and discussed draft regulations on Cybersecurity Audits and Risk Assessments late in the summer. The CPPA Board plans to discuss the draft regulations at its upcoming...more
In advance of the California Privacy Protection Agency’s (CPPA) December 8 Board meeting, the Agency has published new draft automated decisionmaking technology (ADMT) regulations, as well as revisions to draft regulations on...more
Keypoint: The California Privacy Protection Agency continued its rulemaking efforts by releasing revised draft cybersecurity audit regulations although the Agency has yet to initiate the formal rulemaking process....more
Editor’s Note: This article covers valuable insights on artificial intelligence’s (AI) evolving role in cybersecurity and incident response shared during an expert panel discussion. As cybersecurity, information governance,...more
When the California Privacy Rights Act (CPRA) was enacted, it created the California Privacy Protection Agency (CPPA) and delegated to the CPPA significant regulatory authority. One of the areas of that authority is...more
If you’re an employer or HR professional, you’ve likely heard about this important aspect of hiring and onboarding. But what exactly is I-9 compliance? And why is it crucial for your business?...more
On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. In Part 1 of this two-part series of posts, we explored the CPPA’s draft...more
On August 28, 2023, the California Privacy Protection Agency (CPPA) released discussion drafts of regulations on cybersecurity audits and privacy risk assessments in advance of the CPPA’s meeting on September 8, 2023. ...more
On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. For those who recall the multiple rounds of the CPPA’s draft CCPA...more
The California Privacy Protection Agency (CPPA) has released its agenda for the September 8 board meeting, which includes (among other topics) presentation of a draft Cybersecurity Audit Regulation and a draft Risk Assessment...more
The CPPA kicked off a first round of rulemaking in May 2022 and finalized that set of rules in March of this year. At the latest California Privacy Protection Agency (CPPA) meeting, the CPRA Rules Subcommittee (Rules...more