Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Why Privacy Matters to Your Business and What's in Store for 2025
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
2024 Privacy Trends and Their Impact on Auto Finance – Moving the Metal: The Auto Finance Podcast
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
Podcast - Decoding the Future of AI Regulation and Frontier Models
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
Hong Kong’s Privacy Commissioner for Personal Data (PCPD) recently published Guidelines for the Use of Generative AI by Employees. We look at the key points contained in the Guidelines below....more
U.S. companies are running out of time to comply with a sweeping new Department of Justice (DOJ) rule that limits sharing sensitive personal data with certain foreign countries—including China, Russia, and Iran. With a hard...more
The Data Security Program (DSP), implemented by the Department of Justice's National Security Division (DOJ/NSD) under Executive Order 14117 (Preventing Access to Americans' Bulk Sensitive Personal Data and United States...more
Selected U.S. Privacy & Cyber Updates - DOJ Settles False Claims Act Case with MORSECORP over Cybersecurity Program - On March 26, 2025, the U.S. Department of Justice (DOJ) announced that it had reached an agreement with...more
Negotiating a data processing agreement (DPA) is typically a necessary step when engaging vendors that handle personal data. However, these negotiations have become time consuming and complex, given the evolving privacy...more
A federal district court recently found that employees aren’t protected by Kentucky’s consumer protection law because they don’t qualify as consumers, handing a solid win to employers. The April 21 decision in Viviali v. One...more
Businesses with employees in Hong Kong should be aware of new guidelines aiming to help companies develop policies on generative AI use in the workplace. Although the new guidelines are not binding, they are meant to align...more
Sports sponsorship contracts traditionally focus on category exclusivity and entitlements while overlooking data sharing language. However, with the rapid evolution of data usage in the industry, incorporating data sharing...more
While the US federal government is largely scaling back its rulemaking and compliance efforts, one critical exception is where personal data and technology intersect with national security. Exemplifying this trend, on April...more
On April 11, 2025, the U.S. Department of Justice’s National Security Division (NSD) issued a Compliance Guide to provide additional information to assist companies and individuals in complying with the NSD’s Data Security...more
The new Department of Justice (DOJ) rule governing international transfers of Americans’ information, codified at 28 C.F.R. Part 202, became effective on April 8, 2025....more
On January 8, the US Department of Justice (DOJ) issued a final rule under Executive Order 14117, which established the Rule Preventing Access to US Sensitive Personal Data and Government-Related Data by Countries of Concern...more
What's Changed? The U.S. Department of Justice (DOJ) published a Data Security Program (DSP), pursuant to a final rule (Final Rule), which became effective on April 8, 2025....more
Becker’s Hospital Review reports that the Department of Government Efficiency (DOGE) “has access to sensitive information in 19 HHS databases and systems,” according to a court filing obtained by Wired. HHS provided the...more
Hello, everyone. My name is Allan Medina. I am a partner in Goodwin’s Washington, DC, office, with a practice focus on government investigations. I’m here with Liza Craig, who is also a partner in the DC office. We are...more
Many “good government” initiatives continue to be enacted or implemented on Capitol Hill or in the Executive Branch — notwithstanding changes in political control. While working on Capitol Hill, the bulk of the legislative...more
On January 8, 2025, the U.S. Department of Justice (“DOJ”) issued its final rule to implement Executive Order 14117 aimed at preventing access to Americans' bulk sensitive personal data and government-related data by...more
In a Press Release issued April 11, 2025, the U.S. Department of Justice (“DOJ”) indicated that it would prioritize “facilitating compliance” over civil enforcement actions for the first 90 days of its new US-China data...more
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
On April 8, the National Security Division of the U.S. Department of Justice’s (DOJ) new rule on cross-border data transfers takes effect. It restricts U.S. businesses from transferring certain bulk sensitive personal data to...more
In a critical revelation within the realm of digital privacy, a significant data breach was uncovered involving key players in the dating app industry. Approximately 1.5 million explicit images from users of BDSM People,...more
With the number of data breaches increasing each year, it’s becoming more important to know what personal data you have and where you have it. On personal or even work devices, you may be surprised at how much of your data is...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
On March 20, 2025, the new Federal Law for the Protection of Personal Data held by Private Parties (LFPDPPP of 2025) was published in the Official Gazette of the Federation. The LFPDPPP of 2025 entered into force on March 21,...more