Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
On 12 June 2025, the French data protection authority (CNIL) launched a public consultation on a draft recommendation regarding the use of tracking pixels in emails. This recommendation roughly assimilates pixels and any...more
The Italian Data Protection Authority (the Garante) has issued its first GDPR fine for, among other breaches, unlawful retention of metadata from employees’ emails and web browsing activities. The decision applies, for the...more
Editor’s Note: This webcast brings together some of HaystackID’s top experts to dissect the intricacies of Business Email Compromise (BEC) attacks—a rapidly growing threat impacting organizations globally. During the...more
Saw this in my junk folder, one of the worst follow-ups on an unsolicited sales pitch: “Hi Ary This may be my last email to you (or not.) Kinda sucks tbh because usually people respond. Either they hate me or they adore me or...more
The Italian Data Protection Authority (“Garante per la Protezione dei Dati Personali”) published a provision in which it established that some services for e-mail management are configured to collect and store metadata...more
On April 23, 2024, the Centers for Medicare & Medicaid Services (“CMS”) issued a final rule implementing one-to-one consent rules for Third Party Marketing Organizations (“TPMOs”) that engage in Medicare-related advertising....more
Private Nutzung von Internet und E-Mail am Arbeitsplatz: Endlich mehr Sicherheit für Arbeitgeber? Nach bisheriger Auffassung der deutschen Datenschutzbehörden ist der Arbeitgeber bei gestatteter Privatnutzung von...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
The Information Commissioner’s Office (ICO) has recently published guidance for employers on monitoring workers lawfully, transparently and fairly. The guidance aims to protect workers’ data protection rights and help...more
‘Tis the season for the hustle and bustle of year-end holiday activities. With that comes the increased risk of cybercriminals exploiting the season to find vulnerabilities. This includes taking advantage of increased online...more
As Cybersecurity Awareness Month wraps up, it’s worth mentioning that employee security awareness training is an ongoing process. Employee error remains a significant contributing factor in data breaches. According to the...more
Many organizations give employees the ability to work from anywhere, adding convenience and flexibility to work and personal schedules. However, with this flexibility comes responsibility—the responsibility to protect the...more
On June 30, 2023, ARx Patient Solutions filed a notice of data breach with the Attorney General of Maine after discovering that an employee’s M365 email account was accessed by an unauthorized party. In this notice, ARx...more
The volumes of evidence available for litigation are such that privileged documents – a small but important subset of any evidence collection – can easily be overlooked, commingled, misplaced, or simply lost. In addition, the...more
The New York Department of Financial Services (NYDFS) continues to be a major player in data security enforcement. On Oct. 18, 2022, NYDFS announced that it had entered into a consent order with EyeMed Vision Care LLC...more
Email scams and viruses are nothing new—threats like phishing emails and malware have been around since the days when services like AOL still dominated the internet and email landscape. However, while technology has made a...more
On August 16, 2022, CISA (the Cybersecurity and Infrastructure Security Agency) and the Multi-State Information Sharing & Analysis Center (MS-ISAC) issued an Alert outlining multiple Common Vulnerabilities and Exposures...more
We are all increasingly familiar with, and probably increasingly frustrated by, the use of chatbots to attempt to solve some problem we are having with a company, often delivery of a purchased item. The “virtual agent” (not...more
Cybercrime is at an all-time high, with just the cybercrime insurance industry alone expecting to grow from $8 billion globally in 2020 to $20 billion by 2025.1 Although cyber liability insurance policies now exist to help...more
A recent Privacy Peril advised of the increasing cyber risk from nation state attacks, particularly as a result of the war in Ukraine. There is, of course, little we can do to thwart cyber assaults on vital nerve centers....more
Where We Stand - This year kicks off against the backdrop of the security flaw found in Log4j, a system-logging code library widely used in applications and services across the Internet. In the aftermath of this crisis, a...more
Risk Management Question - How can employees mitigate the risk of falling for phishing scams purportedly sent by their company's HR department? The Issue - Scammers often know just the right thing to say to pique an...more
One of the challenging things about HIPAA (Health Insurance Portability and Accountability Act) enforcement is the fact that both the Office for Civil Rights and State AGs have jurisdiction to assess fines and penalties for...more
An apparent email snafu has led to the filing of a putative class action against the Phoenix Children’s Hospital. The allegations stem from an email that was allegedly sent out to 368 people that outlined the protocols for...more