From Forest to Fortune: Navigating Workplace Ethics With Robin Hood — Hiring to Firing Podcast
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Episode 381 -- NAVEX's 2025 Annual Hotline Report
AI and the False Claims Act
Disparate Impact & Enforcement Rollbacks: What’s the Tea in L&E?
What’s in Your Operating Agreement? Legal Tips for Healthcare Providers
Compliance Tip of the Day: AI and 3rd Party Risk Management
Daily Compliance News: July 31, 2025 the Forgotten Generation Edition
A New Brand of Uncertainty? — PE Pathways Podcast
The Rise of OTAs in Defense Contracting: Opportunities, Risks, and What Contractors Need to Know
Breaking the Cycle: Flooding, Infrastructure, and Climate Law in Practice
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Understanding BBB Ratings: Building Trust and Mitigating Risks — Regulatory Oversight Podcast
Compliance Tip of the Day: Bringing Predictive Analytics into Your Compliance Regime
Innovation in Compliance: Scaling Compliance Programs: Insights from a Navy Veteran and Compliance Leader
Daily Compliance News: July 29, 2025 the Is CEO Conduct Ever Personal Edition
Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
False Claims Act Insights - The Mathematics of Nuclear FCA Verdicts
Compliance Tip of the Day: Strategies for Embedding Compliance into your Organization
On June 30, 2025, Governor Mike DeWine signed into law (HB 96), a cybersecurity mandate that applies to all political subdivisions in Ohio—including counties, municipalities, townships, and school districts. ...more
Cyber incidents such as the 2024 event involving Change Healthcare, which compromised the personal information of over 100 million people, highlight the evolving nature of cyber threats – increasingly becoming risk management...more
Organizations seeking to improve their cybersecurity posture in 2025 must assess what happens after an incident has occurred, and how an incident response team will be able to mobilize to respond. This article provides...more
The maritime industry has become a prime target for hackers. In the last few years, it has seen a steep increase in the number of shipping-related cyberattacks. The recent surge marks a new and pressing challenge for ports...more
WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more
On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
The first year of a new significant regulatory obligation is often more notable for the absence of regulatory enforcement actions as regulators often observe compliance efforts and challenges, offer guidance, and look for...more
Part of the Biden Administration’s push to enhance U.S. cybersecurity capabilities has focused on imposing new requirements on government contractors. The 2023 National Cybersecurity Strategy suggested, for example, that...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
A previous installment discussed the centrality of network topology to an organization’s data security and outlined the legal framework and obligations incumbent upon many organizations in the U.S. The first installment can...more
Earlier this week, the SEC accused SolarWinds Corporation (“SolarWinds” or the “Company”) and its Chief Information Security Officer (“CISO”) of committing scienter-based securities fraud, among other violations, for...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more
In what can best be described as a tsunami of cybersecurity regulation, the Federal Acquisition Regulation (FAR) Council—consisting of the Department of Defense (DoD), General Services Administration (GSA), and National...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Key Point: To avoid inadvertently increasing enforcement and litigation risks, companies should consider these suggestions to minimize headaches with the SEC’s final rules that mandate (a) disclosures in annual report of...more
A cyber incident response plan is a set of guidelines and protocols designed to help an organization detect, respond, contain, and manage any form of a cybersecurity breach. It outlines how best to safeguard the organization...more
Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act - With the Notice of Proposed Rulemaking set for fall 2022, Colorado’s Attorney General office is currently inviting preliminary comments for...more
Legal Framework - Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws? The United States generally addresses cybersecurity...more
The federal government has responded to recent data breaches by making cybersecurity a top priority, and it continues to consider and implement a number of regulations that affect government contractors. Over the past...more