Moving Beyond the Usual Helpline Data
Compliance Tip of the Day: Why Engage in Pre-acquisition Due Diligence
Innovation in Compliance: Operationalizing Trust at Scale: A Conversation with Amanda Carty on Compliance and AI
AI Today in 5: August 7, 2025. The US v. China Episode
Hill Country Authors – Exploring the Challenges of a Green Transition with Tom Ortiz
Taxing Intelligence: AI's Role in Modern Tax Administration
LathamTECH in Focus: Move Fast, Stay Compliant
AI Today in 5: August 6, 2025, The Rethinking Compliance Episode
Daily Compliance News: August 6, 2025, The Spanking Banks Edition
AI Today in 5: August 5, 2025, The AI at the SEC Episode
Compliance Tip of the Day: M&A – International Issues
From Forest to Fortune: Navigating Workplace Ethics With Robin Hood — Hiring to Firing Podcast
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Adventures in Compliance: The Novels - The Valley of Fear, Introduction and Compliance Lessons Learned
Episode 381 -- NAVEX's 2025 Annual Hotline Report
12 O’Clock High, a podcast on business leadership: Building Trust and Relationships: The Power of Compliance and Ethics with Jacqui Pruet
Data Driven Compliance: Understanding the ECCTA and Its Impact on Fraud Prevention with Vince Walden
Daily Compliance News: August 1, 2025, The All AI Edition
AI and the False Claims Act
Compliance Tip of the Day: AI, Continuous Monitoring and Compliance
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
A privacy breach can have detrimental consequences for startups: A privacy breach may trigger legal consequences and regulatory scrutiny, especially for a startup that operates in areas with stringent data protection laws...more
Report on Patient Privacy 23, no. 12 (December, 2023) Northwell Health in New York and Cook County Health in Chicago each experienced impacts from a breach at Nevada-based transcription company Perry Johnson & Associates...more
Typically, we beat the drum of the need to prepare for a data incident—anything from a full-blown ransomware attack to an employee accidently sharing data with the wrong person—by having your Incident Response Plan developed...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
This second part of a two-part series on U.S. regulation of artificial intelligence systems highlights state legislation and litigation to watch concerning AI systems, and provides practical takeaways as we look toward the...more
Businesses can breathe a little easier now that one of the world’s top five ransomware networks, the Hive, has been infiltrated and disbanded by the FBI....more
President Biden issued Executive Order (EO) 14083 on September 15, 2022, establishing five factors for reviews by the Committee on Foreign Investment in the U.S. (CFIUS), and areas of heightened scrutiny for transactions...more
The Cybersecurity & Infrastructure Security Agency (CISA) recently issued another warning to “every organization” in the U.S. about cybersecurity risks during the ongoing escalation of tension between the U.S. and Russia over...more
Complementing the patchwork of state data breach notification laws, a number of federal agencies recently have promulgated sector-specific reporting rules affecting a variety of companies, both directly and indirectly, with...more
Researchers at Mandiant have recently reported that a new ransomware group calling itself Sabbath appears to be the rebranded group Arcane and “picked up their pace” in November....more
OSFI, the Canadian Federal Office of the Superintendent of Financial Institutions, on August 13, 2021, issued new guidance on Technology and Cyber Security Incident Reporting, replacing prior guidance of March 2019....more
On August 25, the Cybersecurity and Infrastructure Security Agency (CISA) issued a fact sheet offering suggestions to government agencies and private companies on how to prevent and respond to a ransomware attack. ...more
According to a report issued on August 24, 2021, by Unit 42 of Palo Alto Networks Ransomware Groups to Watch: Emerging Threats, four emerging ransomware groups “are currently affecting organizations and show signs of having...more
Researchers at Heimdal Security have detected a new ransomware dubbed DeepBlueMagic. According to Heimdal, it is particularly concerning because it is able to disable security tools that companies have employed in order to...more
A heightened risk for cyberattacks and data breaches calls for companies to remain diligent as they navigate a patchwork of federal, state, local and sector-specific privacy and data protection laws, regulations and guidance....more
If you are an organization that uses Microsoft Office 365 as your email platform, be on the lookout for a new tricky phishing attack recently used by cyber criminals. ...more
Ransomware attacks are frequent and escalating as we speak. Double extortion scams are hitting companies at a dizzying pace, and catching companies, large and small, off-guard. U.S. President Joseph Biden warned Russian...more
Ransomware Particularly Inflicts Health Care and Life Sciences Organizations - Ransomware is a malicious cyber threat vector that employs encryption malware to prevent users from accessing their systems and data unless...more
On Thursday April 14, 2021, the U.S. Department of Labor announced guidance for plan sponsors, plan fiduciaries, record keepers and plan participants on best practices for maintaining cybersecurity. This is the first time the...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
Keypoint: New Utah law creates incentive for businesses to develop and implement a written cybersecurity program to protect themselves against data breach lawsuits. On March 11, 2021, Utah governor Spencer Cox signed the...more
In a recent letter to insurers, the New York State Department of Financial Services (“NYDFS”) acknowledged the key role cyber insurance plays in managing and reducing cyber risk – while also warning insurers that they could...more
The New York Department of Financial Services ("NYDFS") recently released its Cyber Insurance Risk Framework (the “Framework”), which provides best practices for managing cyber insurance risk....more