Rethinking Records Retention
A Less is More Strategy for Data Risk Mitigation
Data Retention and Document Holds
Healthcare Document Retention
The NYDFS Updates Its Stringent Cybersecurity Regulations. Is This a Bellwether of Coming Industry Change? - The Consumer Finance Podcast
Spring Cleaning for Legal Teams: The Cloud and Defensible Deletion of Data
M365 in 5 – Part 7: Teams Audio/Video (A/V) Conferencing
M365 in 5 – Part 6: Teams Channels – The virtual collaboration workspace
M365 in 5 – Part 5: Teams Chats – Modern communications
M365 in 5 – Part 4: Teams – An introduction to collaboration
M365 in 5 – Part 3: OneDrive for Business – Protected personal collaboration
M365 in 5 – Part 2: SharePoint Online – The new file-share environment
M365 in 5 – Part 1: Exchange Online – Not just a mailbox
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
Sitting with the C-Suite: Trial Teams – Narrowing Data through Centric Search
Sitting with the C-Suite: Normalizing Business Practices through Litigation Data
Compliance Perspectives: Regulatory Conflicts in Data Privacy Laws
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
[WEBINAR] Public Records Act - Taming the Email Tiger
E14: The Three Pillars of GDPR
While corporate leaders often view cybersecurity as a technical challenge, contributing author Phil Favro illustrates the legal and organizational dimensions of cybersecurity in this recent article. Favro emphasizes that...more
On Aug. 14, 2025, the New York Department of Financial Services (NYDFS) issued a Consent Decree announcing that Healthplex, Inc. (Healthplex) has agreed to pay a $2 million fine, as a result of an investigation into a 2021...more
Leading businesses continue to suffer cyber attacks at the hands of sophisticated ransomware groups. For example, the threat group “Scattered Spider” (also known as UNC3944, Octo Tempest, 0ktapus) is once again making...more
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
On January 03, 2025, the government released the much awaited draft Digital Personal Data Protection Rules, 2025, (Draft Rules / Rules) for public consultation and invited stakeholder feedback by February 18, 2025 (access the...more
On January 3, 2025, India’s Ministry of Electronics and Information Technology ("MeitY") released the Draft Digital Personal Data Protection Rules, 2025 ("Draft Rules") for public comment. The primary aim of these Draft Rules...more
Recent decisions by the French data protection authority (CNIL) have highlighted the importance of GDPR compliance, particularly in the areas of data retention, consent for processing sensitive personal data, and marketing...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
On February 1, the Federal Trade Commission (FTC or “the Commission”) announced that it had reached a settlement with Blackbaud, a software company, resolving claims related to a 2020 data breach that resulted in the...more
In today’s digital age, our every action generates a trail of data. From online searches to credit card details, this data is collected by companies to enhance their services. However, the question arises – how long should...more
Information governance and data retention have been important topics in the corporate world for years. As an executive, it’s crucial to ensure effective management, storage, and secure disposal of your company’s data. Having...more
The Association of Corporate Counsel and Major, Lindsey & Africa recently released their 2023 Law Department Management Benchmarking Report (Report) which tracks key trends in law department financial and operational data....more
On 4 May 2023, the European Court of Justice (CJEU) delivered its highly anticipated judgement in Österreichische Post (Case C-300/21) on a crucial issue: the extent to which data subjects affected by a breach of the GDPR...more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
It is imperative that a company knows what data it holds, why it is holding it, where it holds it, and who has access to it. The old adage that information is power leads many to believe that holding on to as much data as...more
How important is it for organizations to keep track of their data footprint? The Federal Trade Commission (FTC) thinks this is crucial. On Jan. 9, 2023, the FTC finalized a consent order following a breach. The order was...more
This post deals with another data breach, yes, hackers were able to compromise the organization’s systems and exfiltrate personal information relating to over 45,000 Pennsylvania and Ohio residents. However, there are several...more
The British Virgin Islands ("BVI") Data Protection Act, 2021 ("DPA") came into force on 9 July 2021. It was introduced so the BVI would have a data protection framework which is broadly similar to EU and UK standards. To...more
On January 9, 2023, the Federal Trade Commission (“FTC”) finalized an order with Drizly, LLC, an online marketplace for alcohol delivery services, and its Chief Executive Officer (“CEO”), James Cory Rellas over alleged...more
The average cost of a data breach is on the rise. According to the 2022 ForgeRock Consumer Identity Breach Report, the average cost in 2021 of recovering from a data breach in the U.S. is $9.5 million — an increase of 16%...more
Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more
Companies and consumers alike are under perpetual assault from bad actors as IoT, work from home, and cloud migration – all intended to improve productivity – have expanded the cyber attack surface. The continually evolving...more
You know that cleaning out the garage is a good idea. You would have more storage space and would even be able to put the car into the garage, which is better for security, for keeping it clean, and for ensuring an easy start...more