AI and the False Claims Act
Disparate Impact & Enforcement Rollbacks: What’s the Tea in L&E?
What’s in Your Operating Agreement? Legal Tips for Healthcare Providers
A New Brand of Uncertainty? — PE Pathways Podcast
The Rise of OTAs in Defense Contracting: Opportunities, Risks, and What Contractors Need to Know
Breaking the Cycle: Flooding, Infrastructure, and Climate Law in Practice
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
Understanding BBB Ratings: Building Trust and Mitigating Risks — Regulatory Oversight Podcast
Beyond the Bylaws: The Medical Staff Show - Need to Know: How to Manage Medical Staff Confidentiality and Privilege Protections
False Claims Act Insights - The Mathematics of Nuclear FCA Verdicts
PODCAST: Williams Mullen's Benefits Companion - Cost, Care and Captives: A Mid-Size Employer’s Guide to Benefit Trends
Lawyers Beware: There Could Be Serious Ethics Issues With The New AI Browsers
Avoiding a Bored Board
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
LathamTECH in Focus: Tech Deals: The Emerging Focus of FDI Regulators?
Podcast - Tips for Maintaining FTC Compliance When Using AI
Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
The Presumption of Innocence Podcast: Episode 66 - Tariff Uncertainty and Compliance Risks for Businesses
Daily Compliance News: July 22, 2025, The I-9 Hell Edition
The European Commission’s proposed amendments to the General Data Protection Regulation (GDPR) mark the first substantive reworking of the regulation since its enactment, signaling a material shift toward economic pragmatism....more
How can proactive risk management strategies help businesses navigate regulatory and economic uncertainties? Proactive risk management strategies can help businesses navigate regulatory and economic uncertainties by...more
On March 20, 2025, the new Federal Law for the Protection of Personal Data held by Private Parties (LFPDPPP of 2025) was published in the Official Gazette of the Federation. The LFPDPPP of 2025 entered into force on March 21,...more
The first compliance deadline set out in the European Union (EU)’s Regulation (EU) 2024/1689, or the EU AI Act, took effect on February 2, 2025. ...more
On January 20, 2025, President Donald Trump signed an executive order rescinding the 2023 directive issued by former President Joe Biden on artificial intelligence (AI). Biden’s order outlined extensive measures aimed at...more
Last month the new Labour government in the UK announced in the King’s Speech that it will introduce new artificial intelligence (AI) rules alongside cybersecurity and digital information bills. A brief overview of these...more
On 27 June 2024, the Spanish supervisory authority (‘AEPD’) and the European Data Protection Supervisor (‘EDPS’), announced the joint publication of a report addressing the data protection challenges associated with neuro...more
National frameworks inform India’s approach to AI regulation, with sector-specific initiatives in finance and health sectors. Laws/Regulations directly regulating AI (the “AI Regulations”) Currently, there are no...more
The enactment of Brazil's proposed AI Regulation remains uncertain with compliance requirements pending review. Laws/Regulations directly regulating AI (the “AI Regulations”) Brazil intends to regulate AI through Bill...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
In 2017, the New York Department of Financial Services (“NYDFS”) enacted a landmark regulation requiring financial services institutions such as banks and insurance companies in the state to meet substantial cybersecurity...more
Last week, the UK’s Online Safety Bill received royal assent and became law. With this development, Ofcom, the regulator for the new Online Safety Act (the Act or OSA), has published a roadmap to explain how the Act will be...more
On 19 September 2023, the UK Parliament passed the Online Safety Bill (“OSB”). The OSB aims to protect individuals from illegal online content and focuses on the protection of children by requiring the removal of content that...more
A flurry of legislative activity over the past year has brought meaningful changes to a variety of privacy and security provisions in state and federal law. At the state level, as in 2022, we have seen a handful of changes to...more
The Securities and Exchange Commission (“SEC”) adopted the final rules (the “Final Rules”) on July 26, 2023 that will require disclosure of material cybersecurity incidents, cybersecurity risk management, strategy, and...more
Although you are likely breathing a sigh of relief after just finishing compliance efforts for the California Privacy Rights Act (“CPRA”), don’t relax just yet. California has another new privacy law going into effect on July...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted new rules requiring public companies to disclose within four business days material cybersecurity incidents they experience and to disclose annually...more
The SEC has recently voted on new rules that will require companies to disclose material cybersecurity incidents within four days and to make disclosures about their broad cybersecurity risks in their annual report. Tom Fox...more
On July 26, a divided SEC adopted a final rule outlining disclosure requirements for publicly traded companies in the event of a material cybersecurity incident. ...more
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies. The rules, which will become effective thirty days after publication in...more
Come December 2023, public companies will have a very narrow window to report cybersecurity incidents that materially affect their companies. Companies will also have to report annually how they assess and manage...more
Iowa becomes the fourth U.S. state to provide an affirmative defense for companies that adopt a cybersecurity framework - Iowa is the fourth state—following Ohio, Connecticut, and Utah—to provide a statutory incentive for...more
On June 12, a bipartisan group of 23 attorneys general wrote a letter to the chief counsel for the National Telecommunications and Information Administration (NTIA), recommending a risk-based approach to a regulatory...more
On March 9, 2022, the US Securities and Exchange Commission (SEC) voted 3-1 to propose new rules and amendments under the Securities Exchange Act of 1934 that would constitute the SEC’s first attempt to adopt specific rules...more
The SEC has issued proposed rules on disclosure of cybersecurity incidents. Specifically, the SEC is proposing to: Amend Form 8-K to add Item 1.05 to require registrants to disclose information about a cybersecurity...more