Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
California regulators unanimously approved a sweeping set of regulations on July 24 governing the use of automated decision-making technology (ADMT) and mandating risk assessments and cybersecurity audits for businesses...more
During a Board Meeting on July 24, 2025, the California Privacy Protection Agency (CPPA) unanimously approved the long-awaited final text of its second rulemaking package, implementing a broad swath of new requirements...more
Join Thora Johnson and Jeremy Sherer to learn about: Evaluating compliance through privacy notices Key questions to address, from leadership accountability to employee training...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board voted to approve a long-awaited rulemaking package imposing substantial new compliance obligations on businesses subject to the California Consumer...more
At its latest meeting, the CPPA voted to finalize its regulations governing automated decisionmaking tools, cybersecurity audits, and privacy risk assessments - On July 24, the California Privacy Protection Agency ("CPPA")...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) unanimously adopted a comprehensive rulemaking package under the California Consumer Privacy Act (CCPA) that primarily addresses automated decisionmaking...more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board approved a final package of amendments to the regulations implementing the California Consumer Privacy Act (CCPA). These sweeping changes impose...more
We have repeatedly warned our readers about the risks associated with TikTok. We are reminding our readers that the popular Temu app raises the same concerns....more
On July 24, 2025, the California Privacy Protection Agency (CPPA) Board held a public meeting to finalize major amendments to the CCPA regulations, including rules on Automated Decision-Making Technology (ADMT), risk...more
On July 24, 2025, the California Privacy Protection Agency (“CPPA”) unanimously voted to adopt a package of Proposed Regulations for the California Consumer Privacy Act (“CCPA”), marking a significant development in...more
On July 24, 2025, during its scheduled Board Meeting, the California Privacy Protection Agency (CPPA) Board voted unanimously to finalize rules governing the use of automated decision-making technology, risk assessments,...more
As the California Privacy Protection Agency (CPPA) prepares for its July 24, 2025, meeting, it released a revised set of California Consumer Privacy Act (CCPA) regulations that contain modest changes to the ones it released...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
This post is one in a series where we discuss the US Department of Justice’s (DOJ’s) bulk sensitive data rule (rule), which prohibits individuals or entities from certain foreign countries, including China, from accessing...more
Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more
On April 8, 2025, the Department of Justice’s Final Rule, titled “Provisions Pertaining to Preventing Access to U.S. Sensitive Personal Data and Government-Related Data by Countries of Concern or Covered Persons,” (the “Final...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
In an era where digital threats are more sophisticated than ever, cybersecurity has become a pressing concern for family enterprises. These businesses are attractive targets for cyberattacks and need to balance the critical...more
Katten's Privacy, Data and Cybersecurity Quick Clicks is a monthly newsletter highlighting the latest news and legal developments involving privacy, data and cybersecurity issues across the globe....more
On May 9, the California Privacy Protection Agency (CPPA) announced it opened the formal public comment period for its proposed regulations concerning updates to the California Consumer Privacy Act. The proposed rules would...more
After a relatively slow start to 2025, the California Privacy Protection Agency (CPPA) is firing on all cylinders now. In recent weeks, the CPPA (i) revised the proposed Delete Request and Opt-out Platform (DROP) regulations...more
On May 1, 2025, the California Privacy Protection Agency (“CPPA”) Board convened to discuss revisions to the California Consumer Privacy Act (“CCPA”) draft regulations on cybersecurity audits, risk assessments, automatic...more
The California Privacy Protection Agency (“CPPA”) Board released newly modified draft regulations addressing automated decision-making technology (“ADMT”), risk assessments, and cybersecurity audits under the California...more
As cyberattacks and cybercriminals are becoming increasingly sophisticated, safeguarding employee benefit plans, including health and welfare plans, is crucial. The Employee Benefits Security Administration of the U.S....more
On April 4, 2025, the California Privacy Protection Agency (CPPA) Board met to discuss the latest draft California Consumer Privacy Act (CCPA) regulations related to cybersecurity audits, risk assessments, automated...more