Daily Compliance News: July 22, 2025, The I-9 Hell Edition
New Virginia "Workplace Violence" Definition and Healthcare Reporting Law: What's the Tea in L&E?
What the One Big Beautiful Bill Act Means for Employers - #WorkforceWednesday® - Employment Law This Week®
Understanding the New Overtime Tax Policies in the Big Beautiful Bill
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
(Podcast) California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
Podcast - Navigating the Updated SF-328 Form
Five Tips for a New Public Company Director
Compliance Tip of the Day: Internal Control Deficiencies
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance into the Weeds: Autonomous AI Whistleblowing Misconduct
REFRESH Nonprofit Basics: Federal Tax Filing Deadlines and Penalties
(Podcast) California Employment News: Back to the Basics of Employee Pay Days
California Employment News: Back to the Basics of Employee Pay Days
Nonprofit Quick Tip: State Filings in Virginia and West Virginia
Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
REFRESH Nonprofit Basics: Insider Transactions and Nonprofits
In its FY 2026 budget, Ohio quietly folded in a sweeping cybersecurity mandate that will require every “political subdivision” to have a cybersecurity program that aligns with recognized industry frameworks and adopt strict...more
As the California Privacy Protection Agency (CPPA) prepares for its July 24, 2025, meeting, it released a revised set of California Consumer Privacy Act (CCPA) regulations that contain modest changes to the ones it released...more
On July 18, 2025, the Cyberspace Administration of China (the “CAC”) issued the Notice on Launching the Reporting Mechanism for Personal Information Protection Officers (the “Notice ”). This development marks a significant...more
While appointing and registering a DPO has been mandatory in China for many years, a portal has now finally been established for organisations to register those DPOs with the China data protection authority. This resolves...more
As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...more
On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more
To help prevent countries of concern or “covered persons” from accessing U.S. government-related data and Americans’ bulk sensitive personal data, the National Security Division (NSD) of the U.S. Department of Justice (DOJ)...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal...more
Recent months have seen a spate of high-profile cyber incidents that have affected UK companies and disrupted supply chains, keeping cybersecurity on the front pages and at the top of UK companies’ agendas. In response to the...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
Cyber, Privacy, and Technology Report - Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. State Action: North Dakota Passes Law...more
While most state data breach notification statutes contain similar components, there are important differences, meaning a one-size-fits-all approach to notification will not suffice. What’s more, as data breaches continue to...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
Here are the top items you should tackle in June, based on the latest workplace law developments and upcoming critical compliance dates...more
Key Takeaways - - Utah has introduced five new bills that further shape its existing Artificial Intelligence Policy Act and add new requirements. - Both the scope of disclosure requirements surrounding the use of AI...more
On April 28, 2025, Congress passed the “TAKE IT DOWN Act.” In addition to criminalizing intentional publication of non-consensual intimate imagery, including computer-generated intimate imagery (collectively, NCII), the bill...more
The OECD's AI recommendations encourage Member States to uphold principles of trustworthy AI. Status of the AI Regulations - The Adherents have agreed to promote, implement, and adhere to the Recommendation. The Principles...more
While the US federal government is largely scaling back its rulemaking and compliance efforts, one critical exception is where personal data and technology intersect with national security. Exemplifying this trend, on April...more
The NAIC’s privacy protections and cybersecurity working groups have continued their building efforts....more
Le 26 mars 2025, le Commissariat à la protection de la vie privée du Canada (le « CPVP ») a déployé, à l’intention des organisations, un outil d’autoévaluation du risque réel de préjudice grave à la vie privée (l’« outil »)....more
On March 26, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a privacy breach real risk of significant harm assessment tool (Tool) for organizations....more
The new Department of Justice (DOJ) rule governing international transfers of Americans’ information, codified at 28 C.F.R. Part 202, became effective on April 8, 2025....more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates...more