No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Why Privacy Matters to Your Business and What's in Store for 2025
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
The UK Financial Conduct Authority (FCA) has published the 2025 outcomes report of the open finance sprint, held in March. The Sprint brought together stakeholders to develop practical data-sharing use cases across four key...more
With the seemingly never-ending updates to B2B contracts for compliance with new (and amended) comprehensive state privacy laws, the U.S. Department of Justice’s bulk data transfer rule, and artificial intelligence (AI)...more
As of April 1, 2025, all merchants and third-party service providers (TPSPs) involved in processing credit or debit card payments must fully adhere to the enhanced security requirements outlined in the Payment Card Industry...more
We are pleased to present our final 2024 update to the New England and First Circuit Class Action Tracker, which focuses on class action filings in state and federal courts within the boundaries of the First Circuit in New...more
Jane Barratt, Financial Data Exchange (FDX) co-board chair, joins RegFi co-hosts Jerry Buckley and Sasha Leonhardt to share the role FDX will play as the first standard setting organization (SSO) approved by the CFPB pursuant...more
The Payment Card Industry Security Standards Council (PCI SSC) has issued an FAQ for ecommerce merchants that outsource their payment card processing to a vendor using an embedded payment page or form (such as an "iframe")....more
Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more
New York State’s Department of Financial Services is warning all regulated entities has released a Cybersecurity Regulation Updates and Reminder warning all companies that all regulated entities without a full exception that...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
On February 7, the union representing CFPB employees published a notice expressing concerns regarding the recent addition of certain DOGE employees to the CFPB’s email directory and their presence in offices. ...more
The 119th Congress is underway, and Republicans control both chambers. With President Trump in the White House, both the House and the Senate will focus more of their oversight on the private sector. Continuing a trend over...more
On January 15, the CFPB published to the Federal Register a Request for Information (RFI) on the collection, use, sharing and protection of consumer payment and personal financial data by companies offering financial products...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
Following our recent client alert, learn more about PCI DSS 4.0 coming into effect and its impact on organizations in 2025. Mark Schreiber, Brian Long, and Sam Genovese share further insights from working with clients on...more
The Consumer Financial Protection Bureau (CFPB) has approved the Financial Data Exchange’s (FDX) application to serve as a standard-setting body under the final rule for Personal Financial Data Rights, (“open banking”)...more
The Bank of England published the findings of its third joint survey with the U.K. Financial Conduct Authority on the use of Artificial Intelligence and machine learning in financial services. The survey aims to build on...more
As of November 1, 2024, financial services companies regulated by the New York Department of Financial Services Cybersecurity Regulation face new requirements relating to cybersecurity governance, encryption, and incident...more
Orrick Partner Beth McGinn joins RegFi co-hosts Jerry Buckley and Sasha Leonhardt for our second episode focused on the proposed American Privacy Rights Act and its potential impact on the financial services industry. Beth...more
Powerful ideas emerge when you look at something through a completely different lens. And when two parties come together to share those unique perspectives? That’s when the magic happens. Womble Bond Dickinson’s virtual...more
Compliance is difficult, and litigation and enforcement risks are high for financial services companies. Navigating a Proustian rulebook, it’s impossible to get everything right all the time. Legal and compliance work in...more
NIST Publishes Report on the Cybersecurity of Genomic Data. On December 20, 2023, the NIST National Cybersecurity Center of Excellence (NCCoE) published Final NIST IR 8432, Cybersecurity of Genomic Data. Informed by direction...more
Nelson Mullins invites you to the two-day webinar, Creating a Data Privacy & Security Playbook for 2024: An Overview of Compliance and Regulations, AI, and Data Breach Concerns, on Feb. 7 and 8 in honor of Privacy Day...more
Covered financial institutions now face heightened expectations in relation to cybersecurity governance, risk assessment, and incident reporting. The New York State Department of Financial Services’ (DFS) amendments (the...more
On October 27, 2023, the Federal Trade Commission (“FTC”) approved an amendment to the Safeguards Rule that requires non-banking financial institutions (e.g., mortgage companies, mortgage brokers, and creditors) to notify the...more
The Federal Trade Commission (FTC) recently adopted a final rule amending its Standards for Safeguarding Customer Information (commonly referred to as the “Safeguards Rule”) to require financial institutions to report certain...more