Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
Compliance Tip of the Day: Avoiding CCO Liability
Compliance Tip of the Day: COSO Governance Framework - Part 5, People
SkadBytes Podcast | Tech’s Shifting Landscape: Five Trends Shaping the Conversation
Balch’s Consumer Finance Compass: How Standing Can Make or Break Certification for Class Action Lawsuits in Debt Collection
Top challenges with Compliance Management
Innovation in Compliance: Allison Lagosh on Proactive Compliance Planning for Regulatory Changes
Daily Compliance News: July 15, 2025, The Fighting Workplace Bullying Edition
Compliance Tip of the Day: Design - Centric Internal Controls
Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
#Risk New York Speaker Series – Exploring Future Regulatory Trends and Compliance Strategies with Rory McGrath
The Capital Ratio Podcast | Entering the US Banking Market
SCOTUS Clean Air Act Cases: What’s New?
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
From Permits to Penalties: A Deep Dive Into Coastal Development Law
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
In its FY 2026 budget, Ohio quietly folded in a sweeping cybersecurity mandate that will require every “political subdivision” to have a cybersecurity program that aligns with recognized industry frameworks and adopt strict...more
On July 18, 2025, the Cyberspace Administration of China (the “CAC”) issued the Notice on Launching the Reporting Mechanism for Personal Information Protection Officers (the “Notice ”). This development marks a significant...more
While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more
On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
The OECD's AI recommendations encourage Member States to uphold principles of trustworthy AI. Status of the AI Regulations - The Adherents have agreed to promote, implement, and adhere to the Recommendation. The Principles...more
The NAIC’s privacy protections and cybersecurity working groups have continued their building efforts....more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
On April 23, 2025, Quebec’s Regulation respecting the management and reporting of information security incidents by certain financial institutions and by credit assessment agents (Regulation) will come into force. Issued by...more
On April, 8 2025, the Department of Justice’s final rule, implementing the Biden-era Executive Order 14117 restricting the transfer of Americans’ Sensitive Personal Data and United States Government-Related Data to countries...more
The US Department of Justice’s (DOJ’s) Final Rule on preventing access to US sensitive personal data, published in the Federal Register on January 8, 2025, will prohibit or significantly restrict the transfer of or other...more
INTERPOL’s Commission for the Control of INTERPOL’s Files (CCF) has finished its first session of the year and has listed the 2025 sessions on INTERPOL’s website as follows...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
Ling Chi was a slow and torturous method of execution practiced in Imperial China. Better known in English as "death by a thousand cuts", ling chi took a terribly long time to kill the condemned prisoner....more
The UK Payment Systems Regulator (PSR) has published a policy statement outlining its approach to publishing authorised push payment (APP) scams data for 2024. In 2025, the PSR will take a different approach to publishing...more
Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more
On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more
As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more