We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
In today’s healthcare environment, compliance is a defining element of patient care quality, operational integrity, and public trust. Oversight from agencies such as the Office for Civil Rights (OCR), the Centers for Medicare...more
Welcome to QuickHits! A concise newsletter that covers current cases, recent hot topics, and/or pressing questions pertaining to the rapidly evolving U.S.-China relationship and related legal and commercial environments....more
You are increasingly using AI to help shape your decisions about who gets hired, promoted, or even approved for a loan. But if your algorithm results in bias, your organization could face lawsuits, regulatory scrutiny, and...more
Imagine signing off on an update to your customer support portal and later discovering that an AI agent the development team added to the portal has been quietly sending snippets of support tickets to an unsecured LLM for...more
In the financial services industry, audit preparation has become a continuous discipline that requires rigorous data governance, operational foresight, and real-time adaptability. This is especially important as compliance...more
The California Privacy Protection Agency (CPPA) has unanimously adopted new regulations requiring certain businesses subject to the California Consumer Privacy Act (CCPA) to conduct annual audits of their cybersecurity...more
Last week, the California Privacy Protection Agency (“Agency”) approved adoption of detailed new regulations under the CCPA that will include (among other notable components) a rule requiring annual cybersecurity audits for...more
Your risk and compliance functions are probably costing you more than they should. Not just in budget, but in drag. When your functions are siloed, they create redundant work, blind spots and a bad habit of reactivity that...more
Orrick’s John Bautista sat down with Rune Kvist, founder and CEO of Artificial Intelligence Underwriting Company, to explore accountability in AI and how creating auditable standards and insurance products could unlock...more
This monthly report outlines key developments in China’s data protection sector for June. TC260 Two Cybersecurity Practice Guidelines on Personal Information Protection Compliance Audits: On May 19, 2025, TC260 issued two...more
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more
The Measures outline requirements and procedures for self-initiated and regulator-mandated compliance audits from May 1, 2025....more
Negotiating a data processing agreement (DPA) is typically a necessary step when engaging vendors that handle personal data. However, these negotiations have become time consuming and complex, given the evolving privacy...more
Recently, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) published a significant interim final rule (IFR) that has created both challenges and exciting opportunities for these operators. This IFR...more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more
The PRC Personal Information Protection Law (PIPL) mandates regular data compliance audits. Following a consultation period beginning in August 3, 2023, the Cyberspace Administration of China (CAC) issued the Measures for...more
In the high-stakes world of legal due diligence, the security and confidentiality of sensitive information are paramount. With the increasing volume of electronically stored information (ESI) and the complexity of modern...more
In the final days of the Biden Administration, the US Department of Health and Human Services (HHS) Office for Civil Rights (OCR) issued a notice of proposed rulemaking (NPRM) to modify the Security Rule under the Health...more
Recent enforcement actions, audit activity, proposed rulemakings, and guidance issued by the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”) highlight the agency’s focus on health data...more
Drive compliance program success with cutting-edge education and valuable connections! For over two and a half decades, healthcare compliance professionals have gathered at HCCA’s Compliance Institute (CI) to share ideas,...more