We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Today’s retail operations depend on far more than the products on store shelves or the design of an ecommerce site. Behind the scenes, a fulfilment provider may rely on regional couriers, a payment processor on a cloud host,...more
For contractors within the Defense Industrial Base (DIB), the time to ensure compliance with the Department of Defense’s (DOD) Cybersecurity Maturity Model Certification program (CMMC) 2.0 is now. DOD formally sent the final...more
In an era where digital threats are more sophisticated than ever, cybersecurity has become a pressing concern for family enterprises. These businesses are attractive targets for cyberattacks and need to balance the critical...more
On January 16, 2024, New Jersey became the first state to enact a comprehensive data privacy law in the new year, with Gov. Phil Murphy (D-NJ) signing the New Jersey Privacy Act (NJPA) (SB 332) into law. The New Jersey law...more
Artificial intelligence (“AI”), including generative AI (“GAI”), has gained significant momentum in recent months due to its potential to transform how organizations create content, automate tasks, and provide personalized...more
In October 2023, the federal government released a Proposed Rule aimed at incorporating new cybersecurity reporting requirements into the Federal Acquisition Regulation (FAR). In this second installment of PilieroMazza’s...more
Five Years After ‘a Singular Human Error,’ Two Breach Notices, Revenue Firm Settles With OCR - As far as settlements for alleged HIPAA violations go, a recent agreement announced by the HHS Office for Civil Rights (OCR)...more
Cybersecurity has been an important topic for many years now, yet the government has struggled with how to flow down cybersecurity obligations to its supply chain. The Department of Defense’s (DOD) Cybersecurity Maturity...more
The U.S. Department of Veterans Affairs (VA) released a final rule, effective February 24, 2023, amending the VA’s Acquisition Regulation (VAAR) to impose new cybersecurity procedures and processes to protect sensitive VA...more
Some states will affirmatively require annual audits of a business’s data collection and processing practices and—in some cases—to submit those audits to state regulators. With new US state data protection laws taking...more
On May 10, 2022, a former Coca-Cola chemist was sentenced to 14 years in prison for selling trade secrets to a Chinese government-backed corporation. This example demonstrates the way the supply chain increasingly presents...more
As an ever-increasing amount of contract negotiation and execution is done online, new legal issues have arisen from such transactions. Consider the following scenario: You are a general/prime contractor. You have a...more
On December 4, 2020 the President signed into law the IoT Cybersecurity Improvement Act of 2020, Pub. L. No. 116-207 (the “IoT Act”). The legislative purpose behind the new law is to ensure the highest level of cybersecurity...more
Legislation directing the National Institute of Standards and technology (“NIST”) to create standards and guidelines for securing Internet of Things (“IoT”) devices used by Federal agencies and their contractors recently...more
Now that DOD has released the final version of the Cybersecurity Maturity Model Certification (CMMC) guidelines, all contractors that work directly or indirectly on Department of Defense (DOD) contracts should be preparing to...more
The Office of the Under Secretary of Defense for Acquisition and Sustainment has been on a fast track mission to shore up the cybersecurity measures of defense contractors and the supply chain to the Department of Defense...more
A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more
The Department of Defense (DOD) and its component services and agencies are taking several independent steps to assess and enhance their cyber and supply chain security that will directly or indirectly affect DOD contractors...more
ITAR is an important area of regulation for government contractors. This includes firms in the defense, technical services, information technology, cyber-security, military training and DOD-funded R&D fields. These...more
This article summarizes some of the many risks and implications that are associated with failing to comply with U.S. government-unique cyber and information technology requirements. We are often asked by small and...more
The Department of Homeland Security (DHS) has now officially entered the government data security fray with its own proposed rule (HSAR Case 2015-001; 82 FR 6429; Jan. 19, 2017) for safeguarding Controlled Unclassified...more
On October 4, 2016, the Department of Defense (“DoD”) published a final rule implementing mandatory cyber incident reporting requirements for DoD contractors and subcontractors. The rule, which is effective as of November 3,...more
From the rise in ransomware attacks to inadvertent disclosure of information by subcontractors, the health services industry is reminded that a potential consequence of a data breach is the threat of a regulatory enforcement...more
The United States Department of Defense promulgated an “interim” rule, effective August 26, 2015, which placed imposing and costly burdens on all DoD contractors and subcontractors (including small businesses and commercial...more
This update will cover two things: (1) the new (yes, again) Department of Defense cybersecurity interim/final rule on reporting cyber incidents by contractors / subcontractors and (2) the money to fund these new rules and...more