Compliance Tip of the Day: Bringing Predictive Analytics into Your Compliance Regime
Compliance into the Weeds: Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Sanctions Compliance Failures: Lessons from Harman International and Interactive Brokers
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
France's Data Protection Authority (the “Commission Nationale de l'Informatique et des Libertés” or “CNIL”) has issued comprehensive recommendations intended to assist businesses that are develop artificial intelligence...more
On 19 June 2025, CNIL published two additional “how-to-sheets” on artificial intelligence, one on legitimate interest and the other on the collection of data via web scraping. These documents aim to clarify the rules...more
On June 2, 2025, the New Jersey Office of Consumer Protection announced proposed rules for New Jersey’s comprehensive consumer privacy law, the New Jersey Data Privacy Act (NJDPA), which went into effect on January 16, 2025....more
Large Language Models (“LLMs”) are a subset of artificial intelligence (“AI”) which use a type of machine learning called deep learning in order to understand how characters, words, and sentences function together. The advent...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
The European Data Protection Board (EDPB) has released a comprehensive opinion addressing key data protection concerns related to the development and deployment of artificial intelligence (AI) models. The opinion, requested...more
As each year passes and technology advances, businesses face an increasingly difficult task to maintain adequate security measures to protect their organizations’ assets and data. With this in mind, it is important to review...more
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
With the launch of OpenAI’s ChatGPT in November 2022, one of the hot buzzwords is “artificial intelligence” (“AI”). Recently, more and more companies, especially small and medium-sized enterprises, purchase AI solutions from...more
INTRODUCTION - The rapid development of Artificial Intelligence (AI) has generated much excitement over the past two years. Since the public launch of Open AI's ChatGPT on 30 November 2022, generative AI and its...more
As Artificial Intelligence (AI) continues to evolve and integrates into business processes, the Office of the Privacy Commissioner for Personal Data (PCPD) released its Artificial Intelligence: Model Personal Data Protection...more
On April 12, Nebraska Governor Jim Pillen signed Legislative Bill 1074 into law, making Nebraska the 16th U.S. state to enact a comprehensive privacy law. The Nebraska Data Privacy Act (NEDPA) will take effect on January 1,...more
In recent years, we have seen an increase in employers using artificial intelligence (AI) in the workplace, whether to assist with decision-making and staff management across the life-cycle of the employment relationship or...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
The guidance encourages organisations to formulate a data breach response plan, and outlines recommendations for handling an increasing number of data breach incidents. On 30 June 2023, the Office of the Privacy...more
Data protection assessments are required for high-risk processing activities in a rapidly growing set of federal, state, and international comprehensive privacy laws. These assessments are triggered by processing activities,...more
For most large companies, a frictionless flow of information and the ability to transfer customer data, employee files, financial records and other information around the world quickly and cost-effectively is a critical...more
2022 was yet another eventful year in terms of GDPR compliance. The continued evolution of the enforcement landscape, with increasing number of sanctions and individuals exercising their rights required time and attention...more
In our four-part blog series on Schrems II and its impacts, we have already given the state of data transfers in light of the Schrems II decision as well as some practical tips on how to conduct a risk assessment. In sum, the...more
The New York Department of Financial Services (NYDFS) has become a frequent topic of these alerts. In recent weeks we have covered multiple actions from the regulator, including its first enforcement action, its SolarWinds...more
New and comprehensive privacy and cyber regulations continue to proliferate across the globe. These are not your father’s data breach notification laws. The scope of information included within these mandates has expanded...more
As many in the U.S. were ringing in the New Year on January 1, 2020, the long-anticipated California Consumer Privacy Act (CCPA) became effective. This statute’s main intent is to protect the privacy of California residents...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more