Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Hospice Insights Podcast - AI in Action: Exploring How AI Is Helping Hospices Do Things in New Ways
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
California regulators unanimously approved a sweeping set of regulations on July 24 governing the use of automated decision-making technology (ADMT) and mandating risk assessments and cybersecurity audits for businesses...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board voted to approve a long-awaited rulemaking package imposing substantial new compliance obligations on businesses subject to the California Consumer...more
Last week, the California Privacy Protection Agency (“Agency”) approved adoption of detailed new regulations under the CCPA that will include (among other notable components) a rule requiring annual cybersecurity audits for...more
At its latest meeting, the CPPA voted to finalize its regulations governing automated decisionmaking tools, cybersecurity audits, and privacy risk assessments - On July 24, the California Privacy Protection Agency ("CPPA")...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) unanimously adopted a comprehensive rulemaking package under the California Consumer Privacy Act (CCPA) that primarily addresses automated decisionmaking...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board approved a final package of amendments to the regulations implementing the California Consumer Privacy Act (CCPA). These sweeping changes impose...more
California has approved new regulations requiring some companies to conduct annual audits of their cybersecurity programs, including the policies, procedures, and practices for protecting personal information. On July 24,...more
On July 24, 2025, the California Privacy Protection Agency (“CPPA”) unanimously voted to adopt a package of Proposed Regulations for the California Consumer Privacy Act (“CCPA”), marking a significant development in...more
As the California Privacy Protection Agency (CPPA) prepares for its July 24, 2025, meeting, it released a revised set of California Consumer Privacy Act (CCPA) regulations that contain modest changes to the ones it released...more
Welcome to the Summer of Privacy! As we hit the middle of 2025, California is once again the focus of our attention, as both its legislators and regulators are attempting to square privacy protections with developing...more
On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more
On January 8, 2025, the U.S. Department of Justice (Department or DOJ) issued new rules required by then-President Biden’s February 2024 Executive Order (EO) 14117 to establish a new regulatory framework aimed at “Preventing...more
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
On December 5, 2024, the Colorado Department of Law adopted amended rules to the Colorado Privacy Act (CPA)....more
Introduction - 2024 has been another big year for privacy. Several new state privacy laws are going into effect, with several more coming in 2025, while a federal privacy law continues to be discussed that would further...more
The financial services industry has seen a litany of new data privacy and cybersecurity challenges through the first half of 2024. Financial institutions are facing unprecedented compliance hurdles resulting from the...more
On May 21, 2024, the last missing approval for the EU AI Act was given by the European Council. The text of the law is final and will be published in the coming days. Here we summarize key points as well as note potential...more
Resolution No. 15, of April 24, 2024, of the Brazilian Data Protection Authority ("ANPD"), approved the Data Breach Notifying Regulation (the “Regulation”). The Regulation establishes procedures for data controllers to notify...more
On March 22, 2024, nearly six months after the release of the “draft Provisions on Regulating and Promoting Cross-border Data Transfer” (the “Draft Rules”), the Cybersecurity Administration of China (the “CAC”) formally...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
On February 28, 2024, U.S. President Joe Biden issued Executive Order on Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern (EO), which authorizes...more
ARTIFICIAL INTELLIGENCE - What is the Privacy Impact of the White House AI Order for Businesses? Posted November 28, 2023 Biden’s sweeping AI Executive Order sought to have artificial intelligence used in accordance...more
Just one month into 2024 and two states have already passed comprehensive consumer data privacy bills. In New Jersey, the legislature passed and on January 16 the governor signed S. 332 (“New Jersey Act”). And in New...more
A recently introduced bill in the Florida Legislature would provide businesses operating in Florida, including health care providers, with a legal defense to data breach lawsuits if they maintain robust cybersecurity measures...more
On January 16, 2024, New Jersey Governor Phil Murphy signed into law Senate Bill No. 332, “An Act concerning online services, consumers, and personal data” (“SB 332”). New Jersey is the fourteenth state to pass a...more