Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of...more
The new Department of Justice (DOJ) Data Security Program (DSP) took effect on April 8....more
On December 5, 2024, the Divisions of Clearing and Risk, Data, Market Oversight, and Market Participants of the Commodity Futures Trading Commission (“CFTC”) issued an advisory on the use of artificial intelligence (“AI”) in...more
On September 6, 2024, the U.S. Department of Labor (DOL) issued Compliance Assistance Release No. 2024-01, titled “Cybersecurity Guidance Update.” The updated guidance clarifies that the DOL cybersecurity guidance applies to...more
On July 17, 2024, the Cybersecurity & Infrastructure Security Agency (CISA) issued an Alert adding three vulnerabilities to its Known Vulnerabilities Catalog. ...more
The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more
In response to the number of successful, large-scale ransomware attacks affecting healthcare organizations nearly tripling since 2018, the Department of Health and Human Services (HHS) has released guidance outlining its...more
The European Data Protection Board (EDPB), a board comprised primarily of representatives of the data protection supervisory authorities of the European Union’s member states, issued surprising new guidance in mid-November...more
With the pensions industry having direct experience of recent cyber security incidents, the Pensions Regulator (TPR) has updated its guidance for trustees in this area. As a reminder, this year saw Capita suffer a cyber...more
Welcome to your weekly update from the Allen & Overy Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. This week we cover the following topics: HMRC Pensions Tax...more
The Securities and Exchange Commission (SEC) finalized cybersecurity rules this week for public companies centered on disclosure requirements for material cybersecurity incidents, as well as periodic reporting regarding...more
On May 30, 2023, the Cyberspace Administration of China ("CAC") issued the "Guidance on Filing the Standard Contract for the Cross-Border Transfer of Personal Information" ("Guidance"), which took effect on June 1, 2023....more
A patient surfs a hospital system’s website and reads an article about depression and anxiety. The patient then searches the hospital’s website for mental health providers in the area. A few hours later, the patient logs into...more
On March 8, the Department of Health and Human Services (HHS) released a cybersecurity implementation guide to assist public and private health care sectors prevent cybersecurity incidents. The Cybersecurity Framework...more
Today, after months of rumors regarding its release and contents, the White House issued its National Cybersecurity Strategy “to secure the full benefits of a safe and secure digital ecosystem.” The full strategy is 39 pages...more
The Cybersecurity Administration of China (the "CAC") has published guidelines concerning outbound data transfers of personal information and "important data" from China to other jurisdictions. Businesses must comply with...more
The FBI and CISA recently issued a Cybersecurity Alert entitled “#StopRansomware: Zeppelin Ransomware” providing an alert to organizations about the proliferation of Zeppelin ransomware attacks and information on the...more
On May 19, 2022, the Department of Justice (DOJ) issued revisions to its existing policy for charging offenses under the Computer Fraud and Abuse Act (CFAA) (2022 CFAA Policy). The revisions state that “good-faith” security...more
CYBERSECURITY NIST - Releases Guidance on Supply Chain Security - The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain...more
The National Institutes of Science and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain Security Guidance,” in response to directives set forth in President...more
OCR’s recent focus on cybersecurity in the health care sector sends a clear message to HIPAA covered entities and business associates: OCR expects you to implement security measures that address known threats to ePHI that are...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
The regular “Weekly Update” email from the Financial Industry Regulatory Authority (“FINRA”) had an eye-catching warning February 16, urging broker-dealer member firms to heed the “Shields Up” cyber threat warning from the...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
In this month’s Privacy & Cybersecurity Update, we review the TSA’s new cybersecurity requirements for critical U.S. infrastructure, the White House OMB’s new guidance on cyber incident reporting procedures and the U.S.-U.K....more