What to Do When Leadership Doesn’t Take Compliance Seriously
Workplace Sexual Assault and Third-Party Risk: What’s the Tea in L&E?
Creativity and Compliance: Reinventing Compliance with Creativity: The Acteon I-Care Code
From Forest to Fortune: Navigating Workplace Ethics With Robin Hood — Hiring to Firing Podcast
Innovation in Compliance: Mastering Communication: Insights from Dr. Dennis Cummins on Speaking and Selling without Selling
Great Woman in Compliance: The Power of Vulnerability with Cricket Snyder
Innovation in Compliance: The Power of Accountability and Team Culture with Gina Cotner
2 Gurus Talk Compliance: Episode 55 – The From Worse to Worser Edition
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Tips for Conducting a Trade Secret Assessment with Rob Jensen
New Virginia "Workplace Violence" Definition and Healthcare Reporting Law: What's the Tea in L&E?
Work This Way: An Employment Law Video Podcast | Episode 51: Smarter Recruiting Strategies with Rhiannon Poore of Forge Search
Daily Compliance News: July 8, 2025, The Learning on the Job Edition
Summer Strategies for Work Success
Work this Way: An Employment Law Video Podcast | Episode 49: Building Culture by Investing in People with Silvia King of Southern First Bank
Performance Reviews: Lessons from Severance — Hiring to Firing Podcast
Coffee Badging: Mastering the Art of Office Presence — Hiring to Firing Podcast
Creativity and Compliance: Nourish Your Audience: A New Approach to Compliance Training
Work This Way: A Labor & Employment Law Podcast | Episode 47: Coaching Leaders & Building Culture with Robyn Knox of The HR Business Connect
Sunday Book Review: May 18, 2025, The Books on Engaged Training Edition
I didn’t plan on working in cybersecurity. My path wasn’t exactly traditional, but every job I had taught me how systems break—technical or operational, it didn’t matter. ...more
Information leaks pose a growing and multifaceted risk to organizations across sectors. While often associated with cybersecurity breaches, the majority of such incidents stem from human error or intentional misconduct. On 25...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
Think of it as the compliance version of The Butterfly Effect – a small, unnoticed, action, or failure to act, somewhere in the organization that balloons over time into a much larger, material issue. Maybe an employee is...more
Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more
Ransomware attacks that shut business down to zero and data breaches that disclose the personal information of customers, vendors and employees justifiably strike fear in the hearts of executives everywhere. Organizations can...more
If the penultimate enforcement settlement of 2023 issued by the HHS Office for Civil Rights (OCR) sounds familiar, that’s with good reason. And the last one of the year should ring some bells, too....more
Hackers commit financial fraud by creating a fake email address mimicking the vendor’s name and emailing accounts payable saying that the vendor’s account information has been changed. Funds are then sent directly to the...more
Cybersecurity attacks, such as malware, phishing emails, and password attacks, are a growing threat to patients and medical practices. Cyber attacks can significantly disrupt patient care, including by exposing confidential...more
The Nigerian prince seems almost quaint. Gone are the days when the Nigerian prince was the only nefarious figure menacing our inboxes. A simple yet elegant scheme – our supposed prince unexpectedly fell upon a large sum...more
Like many other industries, manufacturing has been hit hard with labor shortages. As of April 2022, U.S. factory activity reportedly is at its slowest pace in more than 18 months. Consequently, many factories seek more...more
In many ways, the COVID-19 pandemic has served as a prime example of punctuated equilibrium. Shifts that have been slowly building for decades seemingly occurred overnight, giving us the contradictory sense that these changes...more
Many supervisory authorities across Europe have reported increasing numbers of data breach notifications since the introduction of GDPR. While most companies are now familiar with the 72-hour reporting obligation for...more
The global food and beverage e-commerce market is expected to grow to $22.4 billion in 2020, possibly reaching $36.4 billion in 2023. That’s up from $14.9 billion in 2019. Food and beverage e-commerce revenue in the United...more
The coronavirus crisis is far from over, and compliance professionals still need every scrap of guidance that regulators can provide about how to run compliance programs in these difficult times. So when the Securities and...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
On January 27, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) announced its most recent Cybersecurity and Resiliency Observations. This report highlights specific practices that have been, and can be...more
Our Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational opportunities for...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more
• The NFA has determined that registered CPOs must implement an internal controls system and highlighted best practices for such a framework. • In response to certain frequently asked questions, the NFA has also updated its...more
When it comes to digital threats, universities must protect not only a broad and deeply layered infrastructure, but also vast populations of students. In this episode, Elisa D’Amico and Desiree Moore outline their top five...more
• On December 14, the SEC’s OCIE issued a Risk Alert summarizing the findings of its limited-scope examination initiative relating to electronic messaging. • Noting a “pervasive use” of electronic messaging by adviser...more
On October 16, 2018, the SEC issued a 21(a) report announcing that it had investigated whether certain public companies that were victims of oftentimes unsophisticated, cyber-related frauds had violated federal securities...more