Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
The CJEU has decided that the maximum thresholds for GDPR fines should be calculated using the global turnover of the broader corporate group, not solely the infringing entity....more
Close on the heels of its Consent Decrees with TracFone and AT&T, on September 27, 2024, the Enforcement Bureau of the Federal Communications Commission (FCC) announced that it reached a Consent Decree with T-Mobile US, Inc....more
For the first time since it became law on Aug. 25, 2009, the Federal Trade Commission (“FTC”) has taken enforcement action under 16 C.F.R. § 318, also known as the Health Breach Notification Rule, with a $1.5 million civil...more
Report on Patient Privacy 22, no. 5 (May, 2022) - Compared to other agencies, the HHS Office for Civil Rights (OCR) is a little fish in the big federal pond, but it has an outsize effect on HIPAA covered entities (CEs) and...more
The Federal Trade Commission (FTC) recently settled with Weight Watchers (WW) and its subsidiary Kurbo for alleged violations of the Children’s Online Privacy Protection Act (COPPA). COPPA requires websites, apps and other...more
Two major U.S. financial institutions, Morgan Stanley and Capital One, recently agreed to resolve separate class action lawsuits by paying, in the aggregate, hundreds of millions of dollars in compensation for massive data...more
The New York Department of Financial Services (NYDFS) has settled alleged violations of the Department’s strict cybersecurity regulations with National Securities Corp. (NSC) for $3 million, over four separate cybersecurity...more
Q1/ Applicable legislation (a) Have the requirements of the GDPR been addressed by introducing a new law, or by updating existing legislation? Old legislation has been updated. ———...more
Every year, the National Institute of Standards and Technology (NIST) and the Department of Health and Human Services, Office for Civil Rights (OCR) jointly sponsor a conference to “address the dynamic and challenging...more
The U.S. Department of Health and Human Services recently released a notice of enforcement discretion announcing changes in how the agency will assess civil monetary penalties for violations of the Health Insurance...more
I am hardly saying that SEC Regulation S-P is the sexiest of regulations. I mean, has any customer is history actually read one of those exciting statement stuffers that discloses in some dense font a BD’s privacy policy?...more
Musical.ly app receives $5.7 million fine for collecting personal information in violation of the Children's Online Privacy Protection Act On February 27, 2019, the Federal Trade Commission ("FTC") issued a record $5.7...more
Data privacy and security legislation and enforcement saw significant activity in 2018 and early 2019. McDermott’s 2018 Digital Health Year in Review: Focus on Data report – the first in a four-part series – highlights...more
On December 4, 2018, the New York Attorney General (NYAG) announced that Oath Inc., which was known until June 2017 as AOL Inc. (AOL), has agreed to pay a $4.95 million civil penalty to settle allegations that AOL’s ad...more
This issue of Skadden’s semiannual Cross-Border Investigations Update takes a close look at recent cases, regulatory activity and other key developments, including the use of legal holds in cross-border investigations,...more
On June 18, 2018, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) announced that an HHS Administrative Law Judge (“ALJ”) granted summary judgment to OCR in an enforcement action...more
On February 12, 2018, the Commodity Futures Trading Commission (CFTC) settled charges against AMP Global Clearing LLC (AMP), a futures commission merchant (FCM), for the company’s failure to adequately supervise one of its IT...more
Regulatory components to cyber insurance policies are becoming increasingly valuable as data-breach enforcement continues to surge. The Federal Trade Commission (FTC or Commission), the nation’s primary privacy and data...more
New Rules, Proposed Rules, Guidance and Alerts – SEC STAFF GUIDANCE AND ALERTS - SEC Staff Issues Guidance on Cryptocurrency-related Holdings - On January 18, 2018, the staff of the SEC’s Division of Investment...more
On March 2, the CFPB settled its first data security enforcement action against Iowa-based Dwolla Inc. Launched as a startup in 2009, Dwolla is an online payment platform that enables customers to transfer money directly...more
Results from the SEC’s First Round of Cybersecurity Examinations - On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and...more
On September 22, the U.S. Securities and Exchange Commission (“SEC”) and R.T. Jones Capital Equities Management, Inc. (“R.T. Jones”), a St. Louis-based investment adviser, settled charges that R.T. Jones failed to adopt...more
In recent years, the SEC has been focused on cybersecurity. It has issued risk alerts, conducted examinations and provided guidance about what the agency sees as widespread weaknesses in many policies and procedures to...more
On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more
The Department of Treasury’s Office of Foreign Asset Control continues to ramp up sanctions enforcement. Even with the likely relaxation of the Iran and Cuba sanctions, OFAC has been continuing its aggressive enforcement...more