Paddle's Payment Predicament: Unpacking FTC's Compliance Crackdown — Payments Pros – The Payments Law Podcast
AI Today in 5: August 22, 2025, The Angst Episode
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
Daily Compliance News: August 22, 2025, The WADA Returns Edition
Regulatory Ramblings: Episode 76 - The Digital Future: The US GENIUS Act and Hong Kong Stablecoins Ordinance / The Hong Kong Web3 Blueprint: Building a Web 3 International Financial Hub Report
Point-of-Sale Finance Series: Understanding the Development and Regulation of Buy Now, Pay Later Products — The Consumer Finance Podcast
Understanding BBB Ratings: Strategic Approaches to Consumer Complaints — Regulatory Oversight Podcast
Compliance Tip of the Day: Co-Thinking with AI
Joint Venture Eligibility Refresher on Requirements for Government Contractors
Compliance into the Weeds: Two Cyber Security Cases for the Compliance Professional
The Road to Regulation: Vehicle Service Contracts Explained — Moving the Metal: The Auto Finance Podcast
AI Today in 5: August 12, 2025, The Creating Billionaires Episode
Compliance Tip of the Day - The ROI of Compliance
AI Today in 5: August 11, 2025, The ACHILLES Project Episode
Taxing Intelligence: AI's Role in Modern Tax Administration
Podcast - An Overview of State Attorney General Consumer Protection Enforcement
LathamTECH in Focus: Move Fast, Stay Compliant
Work This Way: A Labor & Employment Law Podcast | Compliance Clarity for Federal Contractors with Joan Moore and Mim Munzel of Arbor Consulting Group
AI Today in 5: August 6, 2025, The Rethinking Compliance Episode
Compliance Tip of the Day: M&A Domestic Issues
Significant data breaches have affected major players in the healthcare industry in the last year, with the methods of attack being as diverse as the affected entities themselves. Originally published in Law360 - June 4,...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
Carriers have an obligation to protect customer proprietary network information (CPNI) and personally identifiable information (PI). Several recent FCC consent decrees resolving breaches of CPNI and PI show the FCC will hold...more
Pennsylvania’s Governor recently approved amendments to the Commonwealth’s data breach notification law, which represent a significant overhaul to the law. As detailed below, the amended law makes a number of material...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
A privacy breach can have detrimental consequences for startups: A privacy breach may trigger legal consequences and regulatory scrutiny, especially for a startup that operates in areas with stringent data protection laws...more
Indiana has amended its breach notification law to require entities to notify individuals “without unreasonable delay, but not more than forty-five (45) days after the discovery of the breach.” It clarifies that a delay is...more
On November 18, 2021, the Federal Deposit Insurance Corporation, the Board of Governors of the Federal Reserve System, and the Office of the Comptroller of the Currency issued a joint final rule to require banking...more
As the onslaught of data breaches and ransomware attacks continues, state governments are grappling with ways to bolster the impact and reach of breach notification laws. All fifty states, Puerto Rico, Guam, the Virgin...more
The surge in new health apps and connected devices, which only increased during the pandemic, continues to raise many legal and ethical questions. As a result, lawmakers have been scrambling to define the obligations...more
Ransomware Attacks Predicted to Occur Every 11 Seconds in 2021 with a Cost of $20 Billion - Confirming what we are seeing in the field, cybersecurity firm Cybersecurity Ventures has predicted that, globally, businesses in...more
On June 28, 2018, California’s new privacy bill A.B-375 was signed into law as the California Consumer Privacy Act of 2018 (“CCPA”). On October 10, 2019, the California Attorney General issued proposed regulations for...more
On 28 May 2019, the Cyberspace Administration of China (CAC) released the “Data Security Management Measures (Draft for Comments)” (Draft Measures) (unofficial English translation here), containing detailed rules to expand...more
Although South Africa’s first comprehensive piece of data protection legislation, the Protection of Personal Information Act (POPIA), was originally signed into law in November 2013, the substantive provisions of the law have...more
On April 18, 2018, the Government of Canada published the final regulations relating to mandatory reporting of privacy breaches under Canada’s Personal Information Protection and Electronic Documents Act (“PIPEDA”). ...more
In May 2018, the General Data Protection Regulation (GDPR) entered into effect in EU member states, replacing a longstanding and less rigorous data and e-privacy directive. ...more