Can Food Really Be Medicine? Transforming Health Care One Bite at a Time – Diagnosing Health Care Video Podcast
NLRB Quorum Limbo, DOL Deregulation Push, Coldplay Concert Exposes Workplace Romance - #WorkforceWednesday® - Employment Law This Week®
Innovation in Compliance: Allison Lagosh on Proactive Compliance Planning for Regulatory Changes
From Banks to FinTech: The Evolution of Small Business Lending — The Consumer Finance Podcast
From Banks to FinTech: The Evolution of Small Business Lending — Payments Pros – The Payments Law Podcast
The Labor Law Insider: NLRB Does a U-Turn on Make-Whole Settlement Remedies, Part II
Great Women in Compliance: GWIC X EC Q2 2025 - Exploring Compliance Innovations
Daily Compliance News: June 25, 2025, The PCAOB Elimination Hits Roadblock Edition
Legal Shifts in 2025 Put Employer Non-Compete Strategies at Risk - Employment Law This Week® - Spilling Secrets Podcast
Doc Fees Decoded: The Price of Paperwork in Auto Sales — Moving the Metal: The Auto Finance Podcast
Cruising Through Change: The Auto-Finance Industry’s New Era Under Trump Unveiled — The Consumer Finance Podcast
2023 CRA Rule Repeal: Lessons to be Learned
All Things Investigations: Navigating New DOJ Directives - Declinations, Cooperation, and Whistleblower Programs with Mike DeBernardis and Katherine Taylor
Regulatory Rollback: Inside the CFPB’s FCRA Guidance Withdrawal — The Consumer Finance Podcast
Compliance into the Weeds: Changes in FCPA Enforcement
Cruising Through Change: The Auto-Finance Industry’s New Era Under Trump Unveiled — Moving the Metal: The Auto Finance Podcast
DOL Restructures: OFCCP on the Chopping Block as Opinion Letters Expand - #WorkforceWednesday® - Employment Law This Week®
Regulatory Rollback: Inside the CFPB's FCRA Guidance Withdrawal — FCRA Focus Podcast
10 For 10: Top Compliance Stories For the Week Ending June 7, 2025
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
New York recently passed new cybersecurity regulations for hospitals licensed in New York to enhance patient safety and cybersecurity....more
The first wave of Australia's expansive privacy law reforms has been introduced into Federal Parliament in the Privacy and Other Legislation Amendment Bill 2024 (Cth) ("Bill")....more
The US privacy legal landscape continues to expand in 2024, with most of the momentum led by state laws. ...more
As businesses grapple with the evolving, regulatory landscape for data privacy, the Texas Data Privacy & Security Act (TDPSA) emerges as a pivotal law. This comprehensive legislation, effective July 1, 2024, established...more
CYBERSECURITY - Health Care Entities Continue to Get Pummeled by Cybersecurity Attacks - The newest health care entity to be hit by a cyberattack is Ascension Health, which operates 140 hospitals and 40 assisted living...more
The FTC has updated its HBNR to clarify that the rule also restricts marketing practices involving personal health information. This update to the HBNR was announced on April 26, 2024, and follows several recent enforcement...more
On February 1, 2024, the Connecticut Office of the Attorney General (the “OAG”) issued a report mandated by the Connecticut Data Privacy Act (the “CTDPA”), Conn. Gen. Stat. § 42-515 et seq. (the “Report”), which Report is...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
On October 27, 2023, the Federal Trade Commission (“FTC”) adopted an amendment to the FTC’s Safeguards Rule that will require non-banking financial institutions to notify the FTC within thirty days of discovering a data...more
A flurry of legislative activity over the past year has brought meaningful changes to a variety of privacy and security provisions in state and federal law. At the state level, as in 2022, we have seen a handful of changes to...more
The Securities and Exchange Commission (“SEC”) adopted the final rules (the “Final Rules”) on July 26, 2023 that will require disclosure of material cybersecurity incidents, cybersecurity risk management, strategy, and...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted new rules requiring public companies to disclose within four business days material cybersecurity incidents they experience and to disclose annually...more
The SEC has recently voted on new rules that will require companies to disclose material cybersecurity incidents within four days and to make disclosures about their broad cybersecurity risks in their annual report. Tom Fox...more
On May 18, 2023 the Federal Trade Commission (FTC) released a Notice for Proposed Rule Making (NPRM) for updates to the Health Breach Notification Rule, 16 C.F.R. Part 318 (the Rule). The Rule serves to ensure entities that...more
On July 26, a divided SEC adopted a final rule outlining disclosure requirements for publicly traded companies in the event of a material cybersecurity incident. ...more
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies. The rules, which will become effective thirty days after publication in...more
Come December 2023, public companies will have a very narrow window to report cybersecurity incidents that materially affect their companies. Companies will also have to report annually how they assess and manage...more
Iowa becomes the fourth U.S. state to provide an affirmative defense for companies that adopt a cybersecurity framework - Iowa is the fourth state—following Ohio, Connecticut, and Utah—to provide a statutory incentive for...more
The Federal Trade Commission (FTC) recently proposed changes to the Health Breach Notification Rule (Rule), enacted in 2009, to clarify that the Rule applies directly to an estimated 170,000 health and wellness mobile...more
In March, the White House issued its long-awaited National Cybersecurity Strategy. The strategy includes five pillars, Pillar One being “Defend Critical Instructure” with its first and second subparts focusing on (1)...more
Editor’s Note: Montana became the latest state to pass a comprehensive privacy bill, joining California, Virginia, Colorado, Connecticut, Utah, and Tennessee. Florida, too, passed a privacy bill, but with a much narrower...more
The story so far - In July 2022 the Data Protection and Digital Information Bill (the original Bill) was introduced into Parliament and we finally got sight of the UK Government’s intended direction for data protection...more
In May 2021, Colonial Pipeline, a privately held oil pipeline responsible for nearly half of the oil supply for the U.S. East Coast, was crippled by a DarkSide ransomware attack. DarkSide is widely believed to be a...more