Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 2 - Risk Assessment
FCPA Compliance Report: Fraud Risk Management - Insights and Experiences with Peter Schablik
#Risk New York Speaker Series – Inside Behavioral Insights: Tom Hardin on Compliance at #RiskNYC
Compliance Tip of the Day: COSO Framework
#Risk New York Speaker Series: Exploring AI Risks in Compliance with Gwen Hassan
Healthcare Enterprise Risk Management
Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
Large Language Models (“LLMs”) are a subset of artificial intelligence (“AI”) which use a type of machine learning called deep learning in order to understand how characters, words, and sentences function together. The advent...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
Life science companies will have to grapple with unique questions in complying with the European Artificial Intelligence Act, including the scope of the law’s research exemption and the use of AI in personalized medicine and...more
Key Points - Colorado’s new AI law creates new obligations for developers and deployers of high-risk artificial intelligence (AI) systems. Similar to the EU AI Act, the law is risk-based and defines a “high-risk” AI system as...more
California continues to push beyond other states in developing and implementing privacy and cybersecurity regulations. The latest evidence came from the recent release of draft regulations from the California Privacy...more
Recent breakthroughs in generative artificial intelligence (AI) have captured significant media attention. Developers argue that the technology, which learns from data to produce new text, visual, or audio content based on a...more
Keypoint: The CPRA, CPA and VCDPA require data protection assessments for certain processing activities; however, when and how entities must conduct and prepare assessments varies....more
Managing the COVID-19 outbreak requires adopting measures that have never been seen before. Such measures, aimed at monitoring how the virus spreads, inevitably require processing "personal data," including health information...more
Most experts agree that whichever regulatory jurisdiction an organisation is subject to, there are five common fundamentals involved in providing effective corporate compliance....more
Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more
A collection of real-world compliance failures that have been organized into four key compliance program categories: leadership, structure, innovation and integration. Paired with expert commentary from Tom Fox, these pro-tip...more
As we sip champagne reflecting on the first anniversary of the effective date of the European General Data Protection Regulation (GDPR), we consider the obligations that employers should bear in mind....more
Why does this topic matter to organisations? The GDPR does not necessarily apply to every organisation in the world. It applies to all organisations that are established in the EU. However, for organisations established...more
In the first installation of our weekly series during National Cybersecurity Awareness Month, we examine information security plans (ISP) as part of an overall cybersecurity strategy. Regardless of the size or function of an...more
Although the GDPR comes into effect on May 25, 2018, the breadth of its reach will continue to develop long after its effective date. Domestic companies should be aware that the rules will likely change over time. While this...more
GDPR: A Snapshot - The GDPR updates the EU’s 1995 framework data privacy law—which is outdated due to the technological advances that have occurred since the mid-1990s. The European Commission proposed the GDPR in 2012,...more
Last month we hosted our annual ‘Intellectual Values’ seminar in London which this year focused on the ‘connected world’. Sarah Turner, an IP partner in our Tech Hub, gave a talk on the steps companies can take to improve...more
With less than six months until the May 25, 2018, effective date for the European Union (EU) General Data Protection Regulation (GDPR), companies are assessing their GDPR readiness and concentrating their compliance efforts...more
Global companies face a daunting array of risks – anti-corruption, trade compliance, antitrust, and money laundering are just a few. The European Union, however, has escalated the data privacy issue right into the corporate...more
In-house attorneys Olga Mack and Katia Bloom on risk management, data security, privacy, and client trust in the rapidly developing IoT Age....more
On April 27, 2016 the European Council and Parliament adopted a new data protection law: the General Data Protection Regulation (GDPR). The following briefing is a summary of key issues and a checklist of initial tasks to...more