We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
In a move to further bolster data privacy, China’s State Administration for Market Regulation and the Standardization Administration of China jointly issued a national standard, GB/T 45574-2025, Data Security Technology –...more
Since the full enforcement of Thailand’s Personal Data Protection Act B.E. 2562 (2019) (“PDPA”) in June 2022, the Personal Data Protection Committee (“PDPC”) has moved decisively from awareness-building to active enforcement....more
In its judgment of May 13, 2025 (case number VI ZR 186/22), the German Federal Court of Justice (Bundesgerichtshof – “BGH”) continued its case law on the compensability of non-material damages under Article 82 GDPR, in...more
On August 22, the CFPB issued an advance notice of proposed rulemaking in the Federal Register seeking public comments and data to inform its decisions on implementing Section 1033 of the Dodd-Frank Act (the Personal...more
On April 8, 2025, the Bulk Data Transfer Rule went into effect. It became enforceable on July 8, 2025; however, many of the technical enforcement obligations under the Bulk Data Transfer Rule become enforceable on October 6,...more
On August 11, 2025, the Office of the Privacy Commissioner of Canada ("OPC") issued two sets of guidance for processing of individual's biometric data: one for federal institutions and one for private businesses. Below we...more
Thailand's Personal Data Protection Committee (“PDPC”) has significantly intensified its enforcement of Thailand's Personal Data Protection Act B.E. 2562 (2019) (“PDPA”), announcing on 1 August 2025 eight new administrative...more
Starting today, July 31, 2025, the Minnesota Consumer Data Privacy Act (“MCDPA”) officially takes effect. Signed by Governor Tim Walz in May 2024, this act majorly affects how the personal data of Minnesota residents is...more
As of July 9, the U.S. Department of Justice has begun full enforcement of a sweeping new data regulation known as the Sensitive Data Rule, or “SDR.” Implemented under President Biden’s Executive Order 14117, the SDR marks a...more
The rise of artificial intelligence (AI) and its widespread availability offers significant growth opportunities for businesses. However, it necessitates a robust governance framework to ensure compliance with regulatory...more
INTRODUCTION - Artificial intelligence ("AI") has rapidly transitioned from experimental use to widespread adoption across Hong Kong. Organisations are now leveraging AI models to enhance customer service, improve risk...more
On April 8, 2025, the US Department of Justice’s National Security Division’s final rule regulating sensitive data about US persons came into effect. DOJ also announced a 90-day grace period on enforcement. At a moment of...more
On July 8, the DOJ’s National Security Division (NSD) will begin enforcing its Data Security Program according to a notice from April titled “Data Security Program Implementation and Enforcement Policy” which outlined the...more
The US Department of Justice’s (DOJ’s) final rule implementing Executive Order (EO) 14117, Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern went...more
The Department of Justice (“DOJ”) implemented the Data Security Program (“DSP”) intending to prevent access to Americans’ bulk sensitive personal data and government-related data by Countries of Concern. The DSP is aimed at...more
The United States Data Security Program (DSP) represents a significant regulatory undertaking by the US government to control the flow of bulk sensitive data to specific foreign countries, for national security purposes....more
- On 26 March 2025, the European Health Data Space (EHDS) Regulation entered into force. The regulation establishes a comprehensive framework for health-data sharing and access in the EU, with the dual aim of supporting the...more
The Department of Justice (DOJ) implemented a new regulatory regime (Data Security Program) addressing access to, and transfer of, sensitive personal data to countries and persons of concern, including Russia, China and...more
Pursuant to a newly effective U.S. Department of Justice (DOJ) regulation, the transfer and storage of certain sensitive U.S. government and personal data may be prohibited or restricted, depending on the intended recipient,...more
Hong Kong’s Privacy Commissioner for Personal Data (PCPD) recently published Guidelines for the Use of Generative AI by Employees. We look at the key points contained in the Guidelines below....more
This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more
U.S. companies are running out of time to comply with a sweeping new Department of Justice (DOJ) rule that limits sharing sensitive personal data with certain foreign countries—including China, Russia, and Iran. With a hard...more
The Data Security Program (DSP), implemented by the Department of Justice's National Security Division (DOJ/NSD) under Executive Order 14117 (Preventing Access to Americans' Bulk Sensitive Personal Data and United States...more
A month has passed since the Department of Justice (DOJ) National Security Division’s (NSD) issued its Final Rule prohibiting certain transactions involving US government data and Americans’ bulk sensitive personal data....more
On April 11, 2025, the U.S. Department of Justice’s National Security Division (NSD) issued a Compliance Guide to provide additional information to assist companies and individuals in complying with the NSD’s Data Security...more