AI Today in 5: August 5, 2025, The AI at the SEC Episode
Compliance Tip of the Day: M&A – International Issues
From Forest to Fortune: Navigating Workplace Ethics With Robin Hood — Hiring to Firing Podcast
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Adventures in Compliance: The Novels - The Valley of Fear, Introduction and Compliance Lessons Learned
Episode 381 -- NAVEX's 2025 Annual Hotline Report
12 O’Clock High, a podcast on business leadership: Building Trust and Relationships: The Power of Compliance and Ethics with Jacqui Pruet
Data Driven Compliance: Understanding the ECCTA and Its Impact on Fraud Prevention with Vince Walden
Daily Compliance News: August 1, 2025, The All AI Edition
AI and the False Claims Act
Compliance Tip of the Day: AI, Continuous Monitoring and Compliance
Disparate Impact & Enforcement Rollbacks: What’s the Tea in L&E?
What’s in Your Operating Agreement? Legal Tips for Healthcare Providers
Compliance Tip of the Day: AI and 3rd Party Risk Management
Daily Compliance News: July 31, 2025 the Forgotten Generation Edition
A New Brand of Uncertainty? — PE Pathways Podcast
The Rise of OTAs in Defense Contracting: Opportunities, Risks, and What Contractors Need to Know
Breaking the Cycle: Flooding, Infrastructure, and Climate Law in Practice
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
The second post in our data loss prevention series offers a roadmap for implementing Microsoft Purview DLP to secure sensitive data in AI-influenced environments. From discovery and classification to policy enforcement,...more
Two settlements recently announced by the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) reinforce the agency’s emphasis on promoting thorough risk analysis to help prevent disclosure of...more
“You don’t rise to the level of your goals. You fall to the level of your systems.” — James Clear - Most security programs look good on paper. Policies exist. Controls are mapped. Frameworks are followed. Audits get...more
A single outage can spiral into hours of downtime, frustrated customers, and significant revenue loss across your business....more
The Bank of England and the Prudential Regulation Authority (PRA) have released a letter to PRA-regulated firms and relevant financial market infrastructure (FMIs) outlining the thematic findings from the 2024 Cyber Stress...more
I didn’t plan on working in cybersecurity. My path wasn’t exactly traditional, but every job I had taught me how systems break—technical or operational, it didn’t matter. ...more
Information leaks pose a growing and multifaceted risk to organizations across sectors. While often associated with cybersecurity breaches, the majority of such incidents stem from human error or intentional misconduct. On 25...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
The Washington Post (2013) found that one-sixth of all embezzlement cases in the U.S. involve nonprofit and religious organizations, ranking just behind the financial sector. This statistic is jarring but not entirely...more
During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more
When planning a major design development project, whether it’s a corporate campus, data center, or mixed-use facility, deciding how much to invest in security can be a complex question. A practical, risk-based approach to...more
Last week’s NFL draft highlighted more than the accomplishments of athletes at the combine or on the field. While there was extensive coverage of the merits of each player, one of the major headlines coming out of the draft...more
On April 3, NIST published practical incident response guidance aligned with its CSF 2.0 framework. The guidance outlines best practices in security incident preparation and response for organizations mapped across each of...more
Spring has arrived, and in addition to cleaning, it’s a good time to reassess how your company is handling its trade secrets. Far from being static, trade secret innovations, processes, and data evolve over time. Business...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more
When it comes to compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), is your house in order? Has someone recently looked underneath the counter and...more
When evaluating AI risks, legal, ethics and compliance professionals need to divide the question into two — first, what are risks from legal, ethics and compliance internal use of AI? and second, what are business risks from...more
As we look back on the SEC’s actions in 2024, we wanted to share our thoughts on lessons learned that we believe will carry through to 2025....more
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
The EU’s Digital Operational Resilience Act (DORA) becomes binding on 17 January 2025. As the compliance deadline approaches, EU financial regulators (ESAs) have issued a flurry of statements on the act, including: - An...more
On December 19, the U.S. Department of Treasury released a report summarizing key findings from its 2024 Request for Information (RFI) on the uses, opportunities, and risks of Artificial Intelligence (AI) in financial...more
As we bid farewell to 2024, we welcome not only another year but also several new disclosure requirements. In this Snapshot, we summarize several developments and best practices for public companies to consider as the 2024...more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more