Moving Beyond the Usual Helpline Data
Episode 381 -- NAVEX's 2025 Annual Hotline Report
CSC Guidance Unveiled: NIL Enforcement and Implications for Collectives — Highway to NIL Podcast
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
New Virginia "Workplace Violence" Definition and Healthcare Reporting Law: What's the Tea in L&E?
What the One Big Beautiful Bill Act Means for Employers - #WorkforceWednesday® - Employment Law This Week®
Understanding the New Overtime Tax Policies in the Big Beautiful Bill
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
(Podcast) California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
Podcast - Navigating the Updated SF-328 Form
Five Tips for a New Public Company Director
Compliance Tip of the Day: Internal Control Deficiencies
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: What is a Gap Analysis
Compliance into the Weeds: Autonomous AI Whistleblowing Misconduct
REFRESH Nonprofit Basics: Federal Tax Filing Deadlines and Penalties
(Podcast) California Employment News: Back to the Basics of Employee Pay Days
Rhode Island has enacted Senate Bill 603 (SB603), effective July 2, 2025, establishing a comprehensive cybersecurity framework for nonbank financial institutions licensed by the state’s Department of Business Regulation...more
In July 2025, the California Privacy Protection Agency (CPPA) Board unanimously approved new regulations pursuant to the California Consumer Privacy Act (CCPA) that specifically address the use of automated decisionmaking...more
As the California Privacy Protection Agency (CPPA) prepares for its July 24, 2025, meeting, it released a revised set of California Consumer Privacy Act (CCPA) regulations that contain modest changes to the ones it released...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
Citing “escalating global conflict,” the New York Department of Financial Services issued an alert on Monday, June 22, 2025, to its regulated covered entities, urging them to be vigilant against potential security threats,...more
North Dakota recently passed a law establishing new rules for certain financial companies operating in the state – specifically “financial corporations.” The new obligations will take effect on August 1, 2025. They will apply...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more
Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more
Our Privacy, Cyber & Data Strategy Team discusses the new Cyber Resilience Act (CRA) that affects manufacturers and distributors of connected devices that are in use anywhere in the European Union....more
New York hospitals have less than a year to dust off their Health Insurance Portability and Accountability Act (HIPAA) compliance programs and update them to comply with more stringent and detailed state regulations. Last...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
In December 2023, the New York Department of Financial Services (NY DFS) issued amendments to the cybersecurity requirements, originally adopted in 2017, which include expanded control requirements and stricter reporting...more
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
Share on Twitter Print Share by Email Share Back to top “The basic idea for covered firms is if you’ve got a breach, then you’ve got to notify. That’s good for investors.” Those were among the remarks that U.S. Securities and...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
Cybersecurity success depends on more than just technology. As we’ve seen in part one and part two of this series on cybersecurity risk, the costs of a cyber attack are high – and bad actors always look for the easiest entry...more
In the December Public Company Watch, we cover key issues impacting public companies, including a preview of the SEC’s latest regulatory agenda, an update regarding the Fifth Circuit vacating the SEC’s share repurchase rules,...more
On November 13, 2023, Governor Kathy Hochul announced plans to regulate cybersecurity for New York general hospitals regulated under Article 28 of the Public Health Law. As proposed, the regulations will provide an additional...more
Last month the Federal Acquisition Regulatory (FAR) Council announced a major proposal regarding cybersecurity incident reporting and information. Comments currently are now due by February 2, 2024....more
On 30 October 2023, President Biden issued a long-awaited executive order (EO) on artificial intelligence (AI). The EO itself is available here, and a one-page fact sheet issued by the White House is available here. The...more
SEC Adopts Final Rules on Cybersecurity Disclosures - The SEC has adopted rules requiring companies to provide disclosure within four business days of determining that a material cybersecurity incident has occurred, and...more
The Board of the California Privacy Protection Agency (the CPPA) held its first meeting since July on Friday, September 8, 2023, and discussed the first public draft of cybersecurity audit regulations and risk assessment...more
The New York Department of Financial Services (DFS) has been increasingly active in enforcing the rigorous cybersecurity requirements imposed on “covered entities” under 11 NYCRR Part 500 (Reg 500). DFS has published an...more