Beyond the Bylaws: The Medical Staff Show - How to Build Compliant and Effective Peer Review Processes into Your Bylaws
Moving Beyond the Usual Helpline Data
Episode 381 -- NAVEX's 2025 Annual Hotline Report
CSC Guidance Unveiled: NIL Enforcement and Implications for Collectives — Highway to NIL Podcast
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
New Virginia "Workplace Violence" Definition and Healthcare Reporting Law: What's the Tea in L&E?
What the One Big Beautiful Bill Act Means for Employers - #WorkforceWednesday® - Employment Law This Week®
Understanding the New Overtime Tax Policies in the Big Beautiful Bill
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
(Podcast) California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
California Employment News: Creating the Report for a Workplace Investigation – Part 4 (Featured)
Podcast - Navigating the Updated SF-328 Form
Five Tips for a New Public Company Director
Compliance Tip of the Day: Internal Control Deficiencies
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: What is a Gap Analysis
Compliance into the Weeds: Autonomous AI Whistleblowing Misconduct
REFRESH Nonprofit Basics: Federal Tax Filing Deadlines and Penalties
The Agency for Health Care Administration (AHCA) has proposed a new Florida Administrative Code Regulation (Rule) regarding "data breach transparency." The Rule will apply to the following...more
The Department of Justice’s (“DOJ”) Data Security Program (“the Program”, 28 C.F.R. Part 202) went into effect on April 8 with a 90-day period of limited enforcement. With DOJ now expecting full compliance, with additional...more
As the Consumer Financial Protection Bureau (CFPB) and Federal Trade Commission (FTC) scale back rulemaking and enforcement, states are advancing more prescriptive cybersecurity standards for financial institutions, including...more
While the US federal government is largely scaling back its rulemaking and compliance efforts, one critical exception is where personal data and technology intersect with national security. Exemplifying this trend, on April...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more
We explore what trustees need to be aware of when dealing with data and complying with their obligations under the Data Protection (Bailiwick of Guernsey) Law, 2017 and related legislation (the "DP Law")....more
The New York Department of Financial Services has modified its cybersecurity requirements for regulated entities. These requirements are in addition to those included in the regulations as last updated in November of last...more
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
For years, the Gramm-Leach-Bliley Act (GLBA) has required financial institutions to maintain reasonable safeguards for consumer data, but has only had limited breach-reporting requirements. To the extent financial...more
The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more
On Jan. 1, the Corporate Transparency Act (CTA) went into effect, premised on the belief that illicit actors use corporate structures like shell companies and fronts to hide their identities and launder criminal proceeds...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
Introduction: On February 12, 2024, the Federal Communications Commission (FCC) finalized a critical cybersecurity rule, Sec. 64.2011, mandating telecommunications carriers and TRS (Telecommunications Relay Services)...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
In 2024, businesses will continue to face an evolving landscape of cyber threats, along with an increasingly complex regulatory environment. With heightened scrutiny from regulators, consumers, and investors, the need to...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
This article is the second in a series of articles about Cybersecurity Awareness Month. Throughout October, K2 Integrity will be providing tips and solutions to organizations to commemorate the 20-year anniversary of the...more
On July 26, the Securities and Exchange Commission (“SEC”) finalized a much anticipated rule addressing cybersecurity risk management, strategy, governance, and incident disclosure. Public companies registered with the SEC...more
The Texas Data Privacy and Security Act (TDPSA) became law on June 16, 2023. Texas becomes the 11th state to enact a comprehensive consumer data privacy law, joining California, Virginia, Colorado, Connecticut, Utah, Iowa,...more
In May 2021, Colonial Pipeline, a privately held oil pipeline responsible for nearly half of the oil supply for the U.S. East Coast, was crippled by a DarkSide ransomware attack. DarkSide is widely believed to be a...more
President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The background and contours of CIRCIA are discussed in a previous update. CIRCIA authorizes and...more
The Indian Computer Emergency Response Team (“CERT-In”) issued Directions on April 28, 2022 “to strengthen the cybersecurity in the country” and that has significant implications for the cybersecurity landscape. Effective...more
The Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA), signed into law by President Biden in March 2022 as part of the Consolidated Appropriations Act of 2022, will require companies operating in...more