Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
Compliance Tip of the Day: Avoiding CCO Liability
Compliance Tip of the Day: COSO Governance Framework - Part 5, People
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Balch’s Consumer Finance Compass: How Standing Can Make or Break Certification for Class Action Lawsuits in Debt Collection
Top challenges with Compliance Management
Innovation in Compliance: Allison Lagosh on Proactive Compliance Planning for Regulatory Changes
Daily Compliance News: July 15, 2025, The Fighting Workplace Bullying Edition
Compliance Tip of the Day: Design - Centric Internal Controls
Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
The Capital Ratio Podcast | Entering the US Banking Market
SCOTUS Clean Air Act Cases: What’s New?
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
From Permits to Penalties: A Deep Dive Into Coastal Development Law
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
The NIS2 Directive has significantly reshaped the cybersecurity landscape across the EU. Since the implementation deadline in October 2024, EU Member States have been working to incorporate new standards into their national...more
The U.S. Food and Drug Administration (FDA) recently finalized its March 2024 select updates to its guidance "Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions” (“Premarket...more
The FDA has finalized its guidance on cybersecurity for medical device premarket submissions, providing additional insight into the agency’s expectations for how manufacturers integrate cybersecurity risk management into...more
During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more
On June 2, 2025, the U.S. Department of Labor (DOL) announced a significant expansion of its compliance assistance tools by launching an Opinion Letter Program across five key enforcement agencies, including the Employee...more
The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of...more
On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more
On April 1, 2025, the subcommittee on Oversight and Investigations of the House Committee on Energy and Commerce held a hearing on cybersecurity vulnerabilities in legacy medical devices. The hearing was largely a...more
On March 28, the FDIC issued updated guidance clarifying the process for FDIC-supervised institutions to engage in crypto-related activities. The guidance rescinds and replaces prior instructions issued in 2022 and makes...more
Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more
On December 5, 2024, the Divisions of Clearing and Risk, Data, Market Oversight, and Market Participants of the Commodity Futures Trading Commission (“CFTC”) issued an advisory on the use of artificial intelligence (“AI”) in...more
n March 15, the U.S. Food and Drug Administration (FDA) published a paper titled “Artificial Intelligence and Medical Products: How CBER, CDER, CDRH, and OCP are Working Together.” This paper describes the FDA’s strategy for...more
On March 18, 2024, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) updated its guidance on the “Use of Online Tracking Technologies by HIPAA Covered Entities and Business Associates” (Guidance)....more
The opinion was issued in response to a request by the French Data Protection Authority and provides guidance on the conditions for determining a controller's main establishment where that controller has establishments in...more
Looking for compliance education and networking in your area? SCCE & HCCA’s Regional Compliance & Ethics Conferences bring compliance practitioners from all disciplines together for convenient, local compliance education....more
The U.S. Department of Health and Human Services (HHS) recently issued a strategy paper highlighting key aspects of its plan to revamp cybersecurity requirements in the healthcare industry. Citing a 93% increase in large data...more
France's Orientation and Programming Law of the Ministry of the Interior ("LOMPI law"), published in the Official Journal of January 25, 2023, amends the insurance coverage of losses and damages paid in response to...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
On November 18, 2021, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency issued a joint final rule to require banking...more
On January 6, 2020, Andrew Smith, Director of the Federal Trade Commission (FTC) Bureau of Consumer Protection, announced three significant improvements to the FTC’s approach to data security enforcement cases....more
The European Data Protection Board (EDPB) recently published an updated version of its guidelines on the territorial scope of the GDPR, which were initially issued just over a year ago. The revised Guidelines do not...more
As the issues surrounding data protection become increasingly complex, in recent years the advisory guidelines (Guidelines) issued by the Personal Data Protection Commission of Singapore (PDPC) have been invaluable in guiding...more