Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Why Privacy Matters to Your Business and What's in Store for 2025
Getting Bang for Your Buck: Spend Your 2025 Privacy Budget Wisely
Constangy Clips Ep. 7- 4 New Year’s Resolutions to Keep Your Cyber Data Safe and Secure in 2025
The Privacy Insider Podcast Episode 10: 2025 Privacy Predictions: Hold My Beer, 2024
No Password Required: Director and Cybersecurity Adviser at KPMG and Rain Culture Authority
Protect, Prepare, Prevail: Navigating a Complex Cybersecurity World
2024 Privacy Trends and Their Impact on Auto Finance – Moving the Metal: The Auto Finance Podcast
On-Demand Webinar: Bring Predictability and Reduce the Spiraling Cost of Cyber Incident Response
Crafting an Effective Law Firm Generative AI Policy for Responsible Business Use: On Record PR
2025 Privacy Law Preview: Be Prepared
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
Unlock Privacy ROI: Why Making Cross-Functional Allies is Key
Podcast - Decoding the Future of AI Regulation and Frontier Models
The Privacy Insider Podcast Ep. 8: Privacy Over Party: Peter Swire
In an era where digital threats are more sophisticated than ever, cybersecurity has become a pressing concern for family enterprises. These businesses are attractive targets for cyberattacks and need to balance the critical...more
On January 16, 2024, New Jersey became the first state to enact a comprehensive data privacy law in the new year, with Gov. Phil Murphy (D-NJ) signing the New Jersey Privacy Act (NJPA) (SB 332) into law. The New Jersey law...more
Artificial intelligence (“AI”), including generative AI (“GAI”), has gained significant momentum in recent months due to its potential to transform how organizations create content, automate tasks, and provide personalized...more
In October 2023, the federal government released a Proposed Rule aimed at incorporating new cybersecurity reporting requirements into the Federal Acquisition Regulation (FAR). In this second installment of PilieroMazza’s...more
Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR - As far as settlements for alleged HIPAA violations go, a recent agreement announced by the HHS Office for Civil Rights (OCR)...more
Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity...more
The U.S. Department of Veterans Affairs (VA) released a final rule, effective February 24, 2023, amending the VA’s Acquisition Regulation (VAAR) to impose new cybersecurity procedures and processes to protect sensitive VA...more
Some states will affirmatively require annual audits of a business’s data collection and processing practices and—in some cases—to submit those audits to state regulators. With new US state data protection laws taking...more
On May 10, 2022, a former Coca-Cola chemist was sentenced to 14 years in prison for selling trade secrets to a Chinese government-backed corporation. This example demonstrates the way the supply chain increasingly presents...more
As an ever-increasing amount of contract negotiation and execution is done online, new legal issues have arisen from such transactions. Consider the following scenario: You are a general/prime contractor. You have a...more
On December 4, 2020 the President signed into law the IoT Cybersecurity Improvement Act of 2020, Pub. L. No. 116-207 (the “IoT Act”). The legislative purpose behind the new law is to ensure the highest level of cybersecurity...more
Legislation directing the National Institute of Standards and technology (“NIST”) to create standards and guidelines for securing Internet of Things (“IoT”) devices used by Federal agencies and their contractors recently...more
Now that DOD has released the final version of the Cybersecurity Maturity Model Certification (CMMC) guidelines, all contractors that work directly or indirectly on Department of Defense (DOD) contracts should be preparing to...more
The Office of the Under Secretary of Defense for Acquisition and Sustainment has been on a fast track mission to shore up the cybersecurity measures of defense contractors and the supply chain to the Department of Defense...more
A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more
The Department of Defense (DOD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DOD contractors...more
ITAR is an important area of regulation for government contractors. This includes firms in the defense, technical services, information technology, cyber-security, military training and DOD-funded R&D fields. These...more
This article summarizes some of the many risks and implications that are associated with failing to comply with U.S. government-unique cyber and information technology requirements. We are often asked by small and...more
The Department of Homeland Security (DHS) has now officially entered the government data security fray with its own proposed rule (HSAR Case 2015-001; 82 FR 6429; Jan. 19, 2017) for safeguarding Controlled Unclassified...more
On October 4, 2016, the Department of Defense (“DoD”) published a final rule implementing mandatory cyber incident reporting requirements for DoD contractors and subcontractors. The rule, which is effective as of November 3,...more
From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more
The United States Department of Defense promulgated an “interim” rule, effective August 26, 2015, which placed imposing and costly burdens on all DoD contractors and subcontractors (including small businesses and commercial...more
This update will cover two things: (1) the new (yes, again) Department of Defense cybersecurity interim/final rule on reporting cyber incidents by contractors / subcontractors and (2) the money to fund these new rules and...more
The U.S. Department of Defense (DOD) recently published an interim rule amending the Defense Federal Acquisition Regulation Supplement (DFARS).1 The interim rule, effective August 26, 2015, focuses on two issues. First, the...more
The Department of Defense (DoD) released interim rules implementing provisions of the 2013 and 2015 National Defense Authorization Acts. The rules, released on Aug. 26, 2015, are effective immediately and establish the...more