Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Podcast - Regulating AI in Healthcare: The Road Ahead
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
FCPA Compliance Report: Ethical Challenges in AI, Data Protection, and Sports with Andre Paris
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Everything Compliance: Episode 156, To Document or Not Edition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
A Less is More Strategy for Data Risk Mitigation
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
Approach to Responsible AI
Why Privacy Matters to Your Business and What's in Store for 2025
No Password Required Podcast: Senior Security Researcher at Nokia and Guardian of Secure AI Networks
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more
On December 5, 2024, the Colorado Department of Law (Department) adopted an amended draft of its latest proposed Colorado Privacy Act (CPA) regulations. This set of amended regulations follows a public comment period that...more
Déjà vu in the world of UK data law: the Labour government has proposed reforms to data protection and e-privacy laws through the new Data (Use and Access) Bill (“DUAB“). The DUAB follows the previous government’s...more
On October 30, 2024, the Colorado attorney general (AG) announced a November 7, 2024, public rulemaking hearing to receive feedback on its latest proposed Colorado Privacy Act (CPA) regulations...more
The first wave of Australia's expansive privacy law reforms has been introduced into Federal Parliament in the Privacy and Other Legislation Amendment Bill 2024 (Cth) ("Bill")....more
Colorado employers could soon need to comply with the disclosure and consent requirements of the state’s privacy act when they collect biometric identifiers from employees or applicants – which would make Colorado the first...more
On July 5, the California Privacy Protection Agency (CPPA) issued its NPRM to amend sections of the Delete Act. As covered by InfoBytes here, the Delete Act was signed into law in 2023 as SB 362 and transferred the...more
On July 5, the California Privacy Protection Agency (CPPA) published a Notice of Proposed Rulemaking regarding Data Broker Registration pursuant to Senate Bill 362 (the Delete Act). The Delete Act requires the CPPA to...more
On 7 April, US House Committee on Energy and Commerce (Energy and Commerce Committee) Chairwoman Cathy McMorris Rodgers (R-WA) and US Senate Committee on Commerce, Science, and Transportation (Commerce Committee) Chairwoman...more
Although not yet the subject of the formal rulemaking process, the California Privacy Protection Agency (the “CPPA”) has released draft proposed regulations for cybersecurity audits required by Section 1798.185(a)(15)(A) of...more
On March 8, 2024, the California Privacy Protection Agency (“CPPA”) Board voted to advance to formal rulemaking proposed regulations under the California Consumer Privacy Act, as amended, regarding risk assessments, automated...more
The European Data Protection Board (EDPB) during its 90th plenary session, on 14 February 2024, amongst other things: - adopted an opinion (the Opinion) on the notion of a controller’s main establishment, including...more
The Department of Health and Human Services ("HHS") has released voluntary cybersecurity performance goals for the health care and public health sectors, which outline an increasingly standardized regulatory approach and...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
On December 8, 2023, the California Privacy Protection Agency (CPPA) Board discussed a draft of its forthcoming artificial intelligence (AI) regulations on automated decision making technology (ADMT). The proposed...more
Over the last two years, the Office for Civil Rights (“OCR”) has released a number of proposed regulations and new guidance relating to the HIPAA privacy rules. Not to be left out, recently, the Federal Trade Commission...more
New York is the first state to propose cybersecurity requirements for all hospitals operating in the state to address patient safety and other cybersecurity related issues....more
On November 13, 2023, Governor Kathy Hochul released proposed cybersecurity regulations applicable to all hospitals located within the state of New York. The Governor has included $500 million in grant funding in her FY24...more
This week, New York regulators announced that they plan to release proposed cybersecurity regulations for hospitals. The impetus for the proposed regulations is largely due to the increasing and devastating cyber attacks on...more
The Brazil Data Protection Agency (“ANPD”) on August 15, 2023 released a draft of the International Transfer of Personal Data Regulation (“Regulation Draft”) and the standard contractual clauses (“SCCs”) for public comment....more
On August 31, 2023, the Colorado Division of Insurance will hold a virtual rulemaking hearing for its proposed regulation on governance and risk management framework requirements for life insurers using external consumer data...more
Report on Patient Privacy Volume 23, no 7 (July 2023) In two public talks this spring, Melanie Fontes Rainer, director of the HHS Office for Civil Rights (OCR), said completing the 2021 proposed regulation extensively...more
The European Commission published its Proposal for a Regulation (on 4 July 2023) laying down additional procedural rules relating to the enforcement of GDPR (the Proposal), which aims to complement the GDPR by specifying the...more
Following the March 2023 rollout of mobile sports wagering in Massachusetts, the Massachusetts Gaming Commission has been hard at work promulgating the various regulations needed to oversee Massachusetts’ burgeoning sports...more
Washington state’s My Health, My Data Act (the Act), signed into law in April 2023, is a broad health data privacy law designed to protect consumer health data that falls outside the scope of HIPAA, such as health-related...more