We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Kilpatrick's Steve Borgman and Jordan Glassman recently presented on the various generative AI technologies available, with an emphasis on large language models such as ChatGPT (and others that are similar), at Kilpatrick’s...more
In yet another example of the importance of a robust cybersecurity and data protection system, New York Attorney General (OAG) and the New York State Department of Financial Services (DFS) collectively fined the insurance...more
For over 100 years, the National Association of Insurance Commissioners (NAIC) has been developing model legislation to encourage uniformity among states for the regulation of insurance products. The NAIC model laws and...more
By definition, insurance policies represent an exercise in planning for (and hedging against) catastrophe. Cyber insurance for the healthcare industry is no exception. But any hedge is only as good as it’s reliable. Many...more
The first half of 2023 saw a flurry of activity in the privacy and data security spaces. We outline below some of the key developments of interest to the insurance industry....more
In this month’s Privacy & Cybersecurity Update, we look at Washington state’s passage of the first-ever state-level health data privacy law and the finalized California Consumer Privacy Act regulations. We also examine a...more
In today’s modern and often hybrid workplace, there is no magic bullet for preventing data breaches—they can come from a variety of angles and thus require a vigilant, multifaceted approach. Implementing a wide-reaching...more
After two years of volatility, cyber liability prices finally appear to be normalizing due to factors that include a downturn in price increases and a lower frequency of ransomware attacks in 2022—all of which have resulted...more
As many businesses prepare to renew their insurance policies, considerations of consumer privacy rights ought to be top of mind. The Colorado Privacy Act - Scope - Foley Hoag has previously written about the Colorado...more
Medibank, one of Australia’s largest private health insurers, detected a ransomware attack in October 2022. The attackers, believed to be part of a criminal organization based in Russia, exfiltrated approximately 9.7 million...more
Multi-factor authentication (MFA) is more than an annoying popup or text message when logging onto a company’s website or platform. Not only is using MFA a sound security practice and good business, it is frequently becoming...more
The first half of 2022 brought plenty of activity in the data privacy and cybersecurity space, much of which is applicable to or of interest to the insurance industry. We outline some of this activity below. Revisions to...more
Vermont Governor Scott signed the Vermont Insurance Data Security Law (available here) (the “VIDSL”), becoming the 22nd state to adopt a cybersecurity statute based on the National Association of Insurance Commissioners...more
As an update to our March 8, 2022 blog post discussing coverage for phishing scams in the context of Ernst & Haas Mgt. Co. v. Hiscox, Inc., 23 F.4th 1195 (9th Cir. 2022), a new Alaska case relied on Ernst & Haas to find...more
Cybercrime is at an all-time high, with just the cybercrime insurance industry alone expecting to grow from $8 billion globally in 2020 to $20 billion by 2025.1 Although cyber liability insurance policies now exist to help...more
Cyber Security And Privacy Insurance Claims - This is the fifth installment of our series of articles reviewing some of the key trends and developments currently impacting the U.S. insurance industry. To date, the vast...more
The past 20 months have created a lot of transitions in how people work. Some companies still have the majority of their employees working remotely and intend to keep it that way permanently. Other businesses have tried to...more
Cyber liability insurance is becoming more ubiquitous, more unpredictable, and in some cases more confusing than ever, which makes understanding your risk even more critical in 2022. Join Woodruff Sawyer experts Dan Burke,...more
Entities that collect Wisconsin residents’ personal information and are licensed, registered, or authorized (licensee) with the Office of the Commissioner of Insurance (commissioner) will have to abide by a new data security...more
The NAIC Data Security Model Law (Model 668) continues its journey through the various state legislatures. Whether all 50 states meet the U.S. Treasury-recommended 2022 deadline for adoption of uniform data security...more
Nearly 700 years ago, England captured King John II of France and held him for ransom for four million écus. But France could not afford to pay, and King John II ultimately traded his two sons as substitute hostages to try...more
New York remains extremely active in the cybersecurity and data protection arena. As we have recently discussed, New York is considering a proposed privacy bill that would greatly enhance consumer privacy rights, increase...more
The New York State Department of Financial Services (DFS) implemented cybersecurity regulations (the DFS Regulations) in 2017 which provided for a transitional two-year period before all the provisions were effective. The DFS...more
The New York Department of Financial Services (NYDFS) has launched its first enforcement action under New York’s Cybersecurity law for financial services, so-called Part 500. Part 500 requires NYDFS licensed institutions to...more
In July 2020, the New York State Department of Financial Services (NYDFS) filed the first enforcement action under the new NYDFS Cybersecurity Regulation, 23 NYCRR Part 500 (Part 500), against First American Title Insurance...more