Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
Innovation in Compliance: The Future of Compliance Training: AI, Adaptive, Learning, and Cultural
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
10 For 10: Top Compliance Stories For the Week Ending July 19, 2025
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Hospice Insights Podcast - AI in Action: Exploring How AI Is Helping Hospices Do Things in New Ways
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Rhode Island’s Governor recently signed the Rhode Island Judicial Security Act (H5892), which aims to bolster the privacy and security of current and former judicial officers and their families by introducing several measures...more
Cross-border marketing of products or services by an overseas company (a body corporate incorporated outside of Bermuda) to customers in Bermuda could be construed as carrying on business in Bermuda and, if so, would be...more
Online retailers now face an increasingly complex matrix of state consumer-privacy statutes that impose prescriptive requirements on data collection, monetization, and cybersecurity practices. ...more
China rolled out its “new,” streamlined cross-border data transfer (CBDT) regime on March 22, 2024, with the issuance by the Cyberspace Administration of China (CAC) of the Provisions on Facilitating and Regulating...more
Businesses should expect to see “increased enforcement” from the California Privacy Protection Agency now that the agency has had four years to staff up and implement rules, the CPPA’s executive director said in an interview...more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
In a major development for businesses subject to state data privacy laws, eight state privacy regulators have joined forces to form the “Consortium of Privacy Regulators,” a bipartisan coalition aimed at coordinating...more
The New York legislature passed its version of Washington’s My Health My Data Act (“WA MHMDA”) on January 22, 2025. Currently awaiting action by Governor Kathy Hochul, the New York Health Information Privacy Act (“NY HIPA”)...more
Dark Patterns come into focus as the California Privacy Protection Agency (CPPA) issues September 4 Enforcement Advisory. Recently, I attempted to cancel a digital subscription. While I expected the cancellation function...more
Senator Maria Cantwell (D-Washington) and Representative Cathy McMorris Rodgers (R-Washington) have presented a draft of a federal data privacy law, the American Privacy Rights Act (APRA). APRA would largely preempt the...more
Since 2011, I’ve attended the International Association of Privacy Professionals’ Global Privacy Summit in Washington, D.C. Each year one session gets everyone talking; this year the honor went to “Direct Insights from U.S....more
The news that California regulators can immediately begin enforcing new data privacy regulations will have an outsized impact on the PEO community. A surprise February 9 decision from a state appeals court pressed...more
For companies that slow-tracked their California compliance activities because of the tentative March 29, 2024 effective date due to the pending appeal on the regulation enforcement timeline, it is now time to prioritize...more
A decision by California's Third District Court of Appeal has allowed the California Privacy Protection Agency (CPPA) to resume enforcement efforts. On February 9, 2024, the Court overturned a California Superior Court...more
With the new year underway, and enforcement looming, it is more important than ever to ensure your organization is compliant with the California Privacy Rights Act (CPRA)—the amendment to the California Consumer Privacy Act...more
In 2019, the US data privacy framework changed significantly with the emergence of the California Consumer Privacy Act which created a significant compliance burden for most businesses that collect personal information about...more
On July 13, 2023, The Washington Post broke the news that the Federal Trade Commission (FTC) had issued a Civil Investigative Demand (CID) — a sort of a pre-litigation subpoena as part of what is supposed to be a nonpublic...more
On July 10, 2023, the European Commission announced that it had adopted its adequacy decision for the EU-U.S. Data Privacy Framework (EU-U.S. DPF). This long-awaited decision means that for the first time since the EU-U.S...more
To paraphrase what Ben Franklin may have been alluding to nearly 300 years ago in his famous quote, often the best approach when it comes to reducing the risk of litigation and government enforcement proceedings is to take...more
Washington State and Nevada have now passed health data privacy laws that impose obligations relating to the collection, processing, and sharing of “consumer health data.” Both laws (collectively, State Health Data Privacy...more
In June, Texas became the tenth state with a comprehensive privacy law. The Texas Data Privacy and Security Act (“TDPSA”) contains familiar provisions from other state privacy laws regulating the collection, use, processing,...more
On June 30, 2023, a California court enjoined until March 29, 2024, enforcement of the final regulations implementing the California Privacy Rights Act (CPRA). Importantly for employers, this ruling prevents enforcement of...more
Texas recently became the tenth state to pass a comprehensive consumer data privacy law when its legislature voted in favor of the Texas Data Privacy and Security Act (TDPSA). The bill was signed by Governor Greg Abbott on...more
Iowa has become the sixth state in the country to enact a comprehensive consumer privacy law, joining California, Virginia, Colorado, Connecticut, and Utah. The “Relating to Consumer Data Protection, Providing Civil...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more