Understanding MALPB Charters: A Collaborative Approach to Banking Innovation — Payments Pros – The Payments Law Podcast
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans — Employee Benefits and Executive Compensation Podcast
LathamTECH in Focus: How Should Crypto Companies Be Thinking About New Laws?
The Standard Formula Podcast | Assessing Prudential Solvency Regimes in the Middle East
Regulatory Rollback: Impact on Industry of CFPB's Withdrawal of Fair Lending and UDAAP Informal Guidance — The Consumer Finance Podcast
Cannabis Law Now Podcast - The 4-1-1 on Cannabis Receiverships from a Top Cannabis Receiver
The LathamTECH Podcast — Where Digital Assets Slot Into a Shifting Fintech Regulatory Landscape: Insights From the US, UK, and EU
Podcast - New Guidance on Complying with FTC Rule on Deceptive and Unfair Fees
Tenant Tales and Reseller Realities: Inside the FCRA Arena With Eric Ellman — FCRA Focus Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Podcast - Navigating the New Landscape of Private Equity in Healthcare
Compliance Tip of the Day: Podcasting for Compliance Training
Everything Compliance: Episode 154, The Law Firms in Trouble Edition
The fatal flaws in the 2023 CRA rule
Compliance Tip of the Day: Measuring Compliance Training Effectiveness
New Executive Order Targets Disparate Impact Claims Nationwide - #WorkforceWednesday® - Employment Law This Week®
Welcoming a New Payment Pro: Jason Cover Joins the Payments Pros Podcast — Payments Pros – The Payments Law Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
Medicaid Cuts: Potential Challenges and Legal Implications for Long-Term Care Facilities — Assisted Living and the Law Podcast
Rewriting the Rules: The Supreme Court's Landmark Decision on Clean Water Act Permits
The European Union Agency for Cybersecurity (ENISA) has launched the European Vulnerability Database (EUVD), a tool designed to enhance digital security across the EU. The EUVD is available here....more
Recently, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) published a significant interim final rule (IFR) that has created both challenges and exciting opportunities for these operators. This IFR...more
Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more
On April 8, the Office of the Comptroller of the Currency (OCC) officially notified Congress of a significant information security incident involving its email system. This notification, mandated by the Federal Information...more
The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more
Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more
This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more
The healthcare industry has come up against unprecedented pressure in recent years. Digital transformation has had a significant role to play when it comes to creating the efficiency needed to deal with the challenges of a...more
WHAT: FedRAMP has announced that it will be working on a new framework for authorization and assessment of cloud services for federal consumption, calling the initiative “FedRAMP 20X” (announcement here). In response to...more
The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more
On May 31, 2025, the Alberta Security Management for Critical Infrastructure Regulation (the Regulation) will come into force and is expected to alter existing security requirements for critical resource infrastructure in...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
The European Banking Authority (EBA) has published a final report with amending guidelines in respect of Guidelines EBA/GL/2019/04 on ICT and security risk management. The EBA reviewed the Guidelines in light of the Digital...more
On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
Background - The Digital Operational Resilience Act (DORA), a European Union (EU) regulation that is set to transform how financial entities and their information technology (IT) service providers manage operational risks,...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
On May 9, 2024, Governor Wes Moore signed into law the Maryland Online Data Privacy Act of 2024 (“MODPA”). MODPA will take effect on October 1, 2025, but will not apply to personal data processing activities occurring before...more
Updates to the Health Insurance Portability and Accountability Act Security Rule (“HIPAA Security Rule”) are planned for Spring 2024. New guidance from The Department of Health and Human Services (“HHS”) via a recently...more
The Connecticut Data Privacy Act (CDPA), which became effective on July 1, 2023, provides Connecticut residents with certain rights over their personal information and establishes responsibilities and privacy protection...more
When a cyber breach occurs, cooler heads need to prevail. This can be a highly emotional and stressful occurrence. Being prepared and having a clear plan of action will help you stay focused, meet your compliance...more
The Accreditation Overhaul for North Carolina (and Florida) Colleges - Last month, North Carolina Governor Roy Cooper signed House Bill 8 (HB 8) into law. In addition to establishing a new computer science requirement for...more
The International Association of Privacy Professionals held its annual Global Privacy Summit on April 4-5 in Washington, D.C. Here are some things we learned. 1. Generative Artificial Intelligence (“AI”) is Ubiquitous in the...more