We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
The EU Data Act (the Act), entered into force on January 11, 2024 but most of its provisions will apply from September 12, 2025. For any organization that designs, manufactures, or uses connected products, provides related...more
The Consumer Financial Protection Bureau (CFPB) published an Advance Notice of Public Rulemaking on August 22, 2025, reopening the rulemaking process for Section 1033 of the Dodd-Frank Act, which deals with how consumers can...more
On Aug. 22, the Consumer Financial Protection Bureau (CFPB) released an Advanced Notice of Proposed Rulemaking (ANPRM) on Personal Financial Data Rights while its October 2024 final rule is the subject of ongoing litigation....more
- On 26 March 2025, the European Health Data Space (EHDS) Regulation entered into force. The regulation establishes a comprehensive framework for health-data sharing and access in the EU, with the dual aim of supporting the...more
With the introduction of the Data Sharing Act 2025 (the “Act”), Malaysia has formalised the rules governing the sharing of data between its public sector agencies. Designed to foster greater collaboration and efficiency, the...more
On April 22, 2025, the Federal Trade Commission’s (FTC) changes to the Children’s Online Privacy Protection Rule (COPPA Rule) were published in the Federal Register. The updates will go into effect on June 23, 2025, and...more
The first updates to the COPPA Rule since 2013 impose new obligations for sharing children’s personal information with third parties. On April 22, 2025, the Federal Trade Commission (FTC or Commission) published the final...more
Sports sponsorship contracts traditionally focus on category exclusivity and entitlements while overlooking data sharing language. However, with the rapid evolution of data usage in the industry, incorporating data sharing...more
A rapid transformation in consumer finance is being brought about by open banking—a pivotal innovation that allows consumers to give third parties real-time access to their detailed financial data. Open banking has the...more
Advocate General Spielmann opines that personal data can be pseudonymous in the hands of one party and anonymous in the hands of another....more
The Council of Europe has formally adopted the EHDS, marking a significant milestone in the development of a unified framework for health data exchange across Member States. This initiative aims to enhance healthcare...more
On January 15, the CFPB published to the Federal Register a Request for Information (RFI) on the collection, use, sharing and protection of consumer payment and personal financial data by companies offering financial products...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
Readers of this blog may recall a recent favorable decision handed down by Massachusetts State’s highest court in which it found that Massachusetts Wiretap Act claims (“MWA”) do not extend to consumer interactions with...more
It’s no longer good enough for your business to have a reactive approach to consumer privacy – you need a proactive strategy to manage compliance, foster consumer trust, and stay competitive in this modern era. While many...more
In a move that has been a long time in the making, the Consumer Financial Protection Bureau (CFPB) has finalized its comprehensive open banking rule. The rule implements Section 1033 of the Dodd-Frank Act and grants consumers...more
Over the past decade, the hospitality industry has rapidly adopted intensive technologies to meet the rising expectations of guests, personalize each guest’s experience, and cultivate and enhance customer loyalty. Access to...more
Corporations face unprecedented challenges in safeguarding sensitive data and mitigating privacy risks in an era marked by the rapid proliferation of Internet of Things, or IoT, devices....more
On April 11, 2024, Monument, Inc. (“Monument”), settled claims brought by the Federal Trade Commission (“FTC”) alleging that it had committed certain health data privacy law violations. Monument provides online addiction...more
I’m not a cyber expert, but as a compliance professional with accountability for internal investigations of employee and third-party misconduct I’ve had a front row seat to the evolution of risk that has mirrored the mass...more
In part one of our series "FemTech: how this growing industry can build trust, protect privacy and redress healthcare inequity… one app at a time", we take an introductory look at the industry, and offer some...more
Don’t miss our annual conference devoted to higher education and research compliance - Attend the Higher Education & Healthcare Research Compliance Conference June 10–12, 2024 and hear from experienced professionals on a...more
2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more
To keep you informed of recent activities, below are several of the most significant federal and state events that have influenced the Consumer Financial Services industry over the past week...more