Moving Beyond the Usual Helpline Data
Compliance Tip of the Day: Why Engage in Pre-acquisition Due Diligence
Innovation in Compliance: Operationalizing Trust at Scale: A Conversation with Amanda Carty on Compliance and AI
AI Today in 5: August 7, 2025. The US v. China Episode
Hill Country Authors – Exploring the Challenges of a Green Transition with Tom Ortiz
Taxing Intelligence: AI's Role in Modern Tax Administration
LathamTECH in Focus: Move Fast, Stay Compliant
AI Today in 5: August 6, 2025, The Rethinking Compliance Episode
Daily Compliance News: August 6, 2025, The Spanking Banks Edition
AI Today in 5: August 5, 2025, The AI at the SEC Episode
Compliance Tip of the Day: M&A – International Issues
From Forest to Fortune: Navigating Workplace Ethics With Robin Hood — Hiring to Firing Podcast
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
Adventures in Compliance: The Novels - The Valley of Fear, Introduction and Compliance Lessons Learned
Episode 381 -- NAVEX's 2025 Annual Hotline Report
12 O’Clock High, a podcast on business leadership: Building Trust and Relationships: The Power of Compliance and Ethics with Jacqui Pruet
Data Driven Compliance: Understanding the ECCTA and Its Impact on Fraud Prevention with Vince Walden
Daily Compliance News: August 1, 2025, The All AI Edition
AI and the False Claims Act
Compliance Tip of the Day: AI, Continuous Monitoring and Compliance
As generative artificial intelligence and machine learning continue their rapid rise in popularity and uses in business operations, manufacturers are faced with how to implement AI in a manner that allows them to take...more
In recent comments, Commissioner Holyoak signaled that the Federal Trade Commission will prioritize enforcement of the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA), a law that empowers the FTC to police...more
Learn how automating third-party risk management (TPRM) can enhance efficiency, security, and compliance and help businesses proactively address vendor risks....more
During the course of 2024, interest in generative and other types of artificial intelligence, machine learning and predictive applications and services (collectively, AI) accelerated across industries. Some sectors, such as...more
Virtually every business has signed an agreement with a software as a service (“SaaS”) provider at one time or another. And now, virtually every SaaS provider (it seems, at least) is coming out with an AI-related feature or...more
When a customer purchases software-as-a-service (SaaS)–which is sometimes called a “cloud” service or product–the software is not hosted. It does not reside at the customer’s location or data center. Rather the software is...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
The federal government is the biggest purchaser in America and that extends to the SaaS space. On September 24, 2024, the Office of Management and Budget (OMB) released Memorandum M-24-18, offering updated guidelines for the...more
Research shows that the average business shares its data with over 730 different vendors. It’s hard enough to mitigate risk within your own organization—how do you mitigate risk from more than 730 external entities?...more
As supply chains have become more digitized and interconnected, they have also become more vulnerable to a range of cyber threats. These threats not only pose risks to the direct operations of companies but also to the...more
The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more
Learning Objectives - Data privacy compliance requires the use of privacy impact assessments and data transfer assessments - What about the value of other assessments like privacy by design, online safety, AI risk,...more
Explore the unique issues that are pertinent to managed care professionals! This annual event dedicated to compliance management for health plan providers is returning to an in-person format for 2024. Join your peers and...more
In our last newsletter, we discussed due diligence as it relates to selection of vendors. The second part of that exercise is to negotiate your agreement with the vendor to properly manage any risks you identified. In this...more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
Despite strengthening security across and beyond the business, many legal organizations overlook a critical vulnerability with surprising frequency – the risk presented by third parties. Cybersecurity risk is further...more
Security Schedules, Privacy Addenda, TOMs, DPAs—whatever you call them, privacy and cybersecurity contract terms have exploded in prevalence in recent years, bringing with them new importance that can lead to difficult and...more
With the exponential growth of cyber threats, cloud computing and remote working, contract provisions regarding data security requirements have also expanded in size and frequency. It has become common practice to prepare...more
In this fourth installment of five articles centered around the core functions within the National Institute of Standards and Technology (NIST) Privacy Framework, we cover the Communicate function and the corresponding...more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
The transformation to a work from home/work from anywhere model has become the new normal and even after the pandemic ends, many expect that model to continue. This accelerated transition has forced companies to embrace...more
The SolarWinds hack highlights the critical need for organizations of all sizes to include cyber supply chain risk management as part of their information security program. It is also a reminder that privacy and security...more
When risk is stranger than fiction - While this might seem a fictitious depiction of how strategy and action gain momentum and approval within an organization, I promise you: It’s not farfetched. Anyone who’s had a few years...more
Among the many other hard lessons the COVID-19 pandemic has been teaching businesses, there’s this one: Vendor risk management has become even more complex than before. Frighteningly complex, in fact, making it even more...more
Data breaches are a hot topic and will undoubtedly get even hotter. Cybersecurity for your own enterprise isn’t enough — you must evaluate your vendors and determine if they’re prepared to resist cyberattacks. ...more