We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
While corporate leaders often view cybersecurity as a technical challenge, contributing author Phil Favro illustrates the legal and organizational dimensions of cybersecurity in this recent article. Favro emphasizes that...more
Data asset protection is traditionally associated with industries and entities that develop or store particularly sensitive information, like tech companies, hospitals, law firms, and government entities. However, data asset...more
Your associates are using ChatGPT. Right now. While you're reading this. According to Pew Research data from June 2025, 34% of U.S. adults have used ChatGPT, double the rate from 2023. Among adults under 30, that number jumps...more
One key lesson from the ongoing ransomware epidemic is clear: threat actors don’t discriminate. It doesn’t matter who you are or what your business does — if they see an opening, they’ll exploit it, ready or not. Despite...more
While external cyber threats make headlines, the reality is that your biggest risk often comes from within. For North Carolina businesses, from tech startups in Durham to manufacturers in Greensboro, understanding how to...more
Let’s talk about something that doesn’t get enough attention: protecting your employees’ sensitive personal information. In today’s digital world, keeping your team’s data safe isn’t just a nice-to-have—it’s absolutely...more
The COVID-19 pandemic caused office workers to start working from home—but businesses should expect remote work to last a long time. Beyond the unpredictability of this pandemic, 99% of remote workers want to continue...more
Written Information Security Programs, commonly referred to as WISPs, are critical plans to have in place – not only to efficiently and effectively respond to ransomware attacks and data breaches when they occur – but to...more
The second post in our data loss prevention series offers a roadmap for implementing Microsoft Purview DLP to secure sensitive data in AI-influenced environments. From discovery and classification to policy enforcement,...more
Two settlements recently announced by the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) reinforce the agency’s emphasis on promoting thorough risk analysis to help prevent disclosure of...more
A single outage can spiral into hours of downtime, frustrated customers, and significant revenue loss across your business....more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more
Last week’s NFL draft highlighted more than the accomplishments of athletes at the combine or on the field. While there was extensive coverage of the merits of each player, one of the major headlines coming out of the draft...more
Spring has arrived, and in addition to cleaning, it’s a good time to reassess how your company is handling its trade secrets. Far from being static, trade secret innovations, processes, and data evolve over time. Business...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more
When it comes to compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), is your house in order? Has someone recently looked underneath the counter and...more
When evaluating AI risks, legal, ethics and compliance professionals need to divide the question into two — first, what are risks from legal, ethics and compliance internal use of AI? and second, what are business risks from...more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
As each year passes and technology advances, businesses face an increasingly difficult task to maintain adequate security measures to protect their organizations’ assets and data. With this in mind, it is important to review...more
Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more
In a recent federal case from New York, the court dealt a blow to plaintiffs suing over data breaches. The plaintiffs had filed a putative class action suit, alleging that they (and others like them) had been harmed by the...more