DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Why do companies need AI governance policies and procedures? In part because the legal landscape around AI is so unsettled....more
If your company uses a third-party tool to power your website chat function or AI-assisted customer service, the 9th Circuit Court of Appeals just delivered a ruling you should know about. On July 9, the court affirmed...more
As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...more
Over a year after his office’s last privacy enforcement action, on July 1, 2025, California Attorney General Rob Bonta (AG) announced a new California Consumer Privacy Act (CCPA) settlement with Healthline Media LLC...more
Last year, the US Internal Revenue Service (IRS) released Form 15620 for taxpayers to make elections under section 83(b) of the Internal Revenue Code, an important part of US tax planning for founders, employees, board...more
Thanks to three primary revenue bills that were signed into law earlier this year, taxes are going up in the state of Washington, in particular for large service businesses, estates and individuals earning capital gains. ...more
On July 1, 2025, the Office of Inspector General (OIG) of the U.S. Department of Health and Human Services issued Advisory Opinion No. 25-08, concluding that a medical device manufacturer’s proposed payment to access a...more
On July 1, the California Attorney General (CA AG) announced a $1.55 million settlement – the largest penalty issued under the California Consumer Privacy Act (CCPA) to date – with Healthline, an online health and wellness...more
The debt settlement industry is fast emerging as a significant portion of the overall consumer financial services market, yet many still do not understand the space. Please join Hudson Cook partner Cathy Brennan as she...more
The New York State Department of Financial Services (the “Department”) has issued guidance (“Guidance”) to all individuals and entities regulated by the Department (“Regulated Entities”) to underscore the importance of...more
In a decision about ERISA’s fiduciary duties and transparency, the Sixth Circuit in Tiara Yachts, Inc. v. Blue Cross Blue Shield of Michigan held that Blue Cross Blue Shield of Michigan (BCBSM), a third-party administrator...more
For physicians with independent practices, engaging a third-party billing company to manage the billing process is an attractive option. Medical billing is increasingly complex and time consuming, and outsourcing that...more
California is once again at the forefront of privacy regulation, this time with a sharp focus on the insurance sector. California’s proposed Senate Bill 354, styled as the Insurance Consumer Privacy Protection Act of...more
DORA (Digital Operational Resilience Act) is an EU regulation that sets rules for how financial entities manage ICT (Information and Communication Technology) risks. It covers areas like cyber resilience, incident reporting,...more
The past year has brought a number of federal appellate rulings under the Video Privacy Protection Act (VPPA), 18 U.S.C. § 2710, one of the statutes under which plaintiffs have been filing numerous claims in recent years...more
Strategic sales teams know that speed and consistency aren’t just nice to have – they are essential. But when creative resources are stretched thin or siloed in marketing, sales enablement efforts can stall. The result?...more
Certain transactions between employee benefit plans and “parties in interest” are prohibited under the Employee Retirement Income Security Act of 1974, as amended (ERISA). ...more
The U.S. Department of Treasury (Treasury) released final and proposed regulations under § 861 of the Code addressing the U.S. federal income tax classification of digital content and cloud computing transactions (the “Final...more
The past few years have seen a surge of activities from states with respect to the introduction and adoption of consumer privacy bills. These bills vary from state to state, but generally include requirements around data...more
As of April 1, 2025, all merchants and third-party service providers (TPSPs) involved in processing credit or debit card payments must fully adhere to the enhanced security requirements outlined in the Payment Card Industry...more
On 12 March 2025, the California Privacy Protection Agency (CPPA) settled with an automaker that allegedly violated various aspects of the California Consumer Privacy Act (CCPA). This first-of-its-kind settlement for the...more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
In a notable development for corporate defendants grappling with consumer privacy litigation, the Southern District of New York has recently issued a decision in Lee v. Springer Nature America, Inc., embracing a broadened...more
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more