DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
On August 13, 2025, the Innovation, Cybersecurity, and Technology (H) Committee (“H Committee”) of the US National Association of Insurance Commissioners (“NAIC”) met at the NAIC’s Summer 2025 National Meeting in Minneapolis,...more
Kilpatrick’s Greg Silberman recently led a session at the 21st annual KTIPS (Kilpatrick Townsend Intellectual Property Seminar) on “Faulty Intelligence: Responding to an AI Incident”, focusing on how legal, security, and...more
In a win for Wiley’s client, a Florida federal court held that a professional services exclusion barred coverage for underlying litigation arising out of the insured’s faulty DNA analysis services. A DNA laboratory provided...more
As cybersecurity threats escalate, state legislatures across the country are tightening requirements for how insurance entities respond to data breaches – and thanks to a new law just passed several weeks ago, Missouri is...more
California is once again at the forefront of privacy regulation, this time with a sharp focus on the insurance sector. California’s proposed Senate Bill 354, styled as the Insurance Consumer Privacy Protection Act of...more
The past few years have seen a surge of activities from states with respect to the introduction and adoption of consumer privacy bills. These bills vary from state to state, but generally include requirements around data...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
The Digital Operational Resilience Act 2022/2554 (DORA) is a European regulation that will come into force on January 17, 2025. The regulation aims to strengthen the digital operational resilience of the financial sector...more
On July 17, 2023, the Innovation, Cybersecurity and Technology (H) Committee of the National Association of Insurance Commissioners (NAIC) released for comment a highly anticipated model bulletin (Model Bulletin) on...more
The past several decades have muddied what once was a clear relationship between policyholders and their insurers. For pre-1987 occurrence-based policies in particular, policyholders face an increasingly familiar scenario:...more
New High Court case considers nature and scope of the Quincecare duty - In June, the Court of Appeal expanded the scope of a bank’s duty of care to protect its customers from fraud to encompass instructions by those other...more
In a June 14, 2021 information letter, the US Department of Labor (DOL) opined that a claimant appealing an adverse benefit determination under a plan covered by the Employee Retirement Income Security Act of 1974, as amended...more
Keypoint: New York’s Division of Financial Services (DFS) now requires Property and Casualty Insurers writing cyber insurance to comply with the Division’s Cyber Insurance Risk Framework to manage their risk. In her...more
The COVID-19 pandemic and the resulting need for patient access to remote healthcare, as well as the development of contact-tracing apps, have spotlighted the importance of health-focused mobile applications (mHealth apps)....more
Covered entities received two cybersecurity wake up calls from insurance regulators this month. As we have reported, the New York State Department of Financial Services (DFS) issued its long-awaited first cyber enforcement...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
The FDIC and OCC have issued new guidance for banks on heightened cybersecurity risks facing the financial services industry because of increased geopolitical tensions and threats of aggression. The guidance published on...more
In State Farm Fire & Cas. Co. v. Amazon.com, Inc., No. 3:18CV166-M-P, 2019 U.S. Dist. LEXIS 189053 (Oct. 31, 2019), the United States District Court for the Northern District of Mississippi considered a Motion for Judgment on...more
Ohio recently followed South Carolina as the second state to adopt cybersecurity legislation modeled after the NAIC’s Insurance Data Security Model Law. The Ohio law, Senate Bill 273, applies to insurers authorized to do...more
March is now here and with it the Cybersecurity Regulation of the New York Department of Financial Services (NYDFS) is now in full force and effect, including requirements relating to Third Party Service Providers (e.g.,...more
In a recent letter, the New York Department of Financial Services provided guidance for insurers who use third party data to help with their underwriting decisions. The letter was drafted in response to reports that insurers...more
Assignment of Benefit Scams - According to the Coalition Against Insurance Fraud, about $80 billion is stolen every year by unscrupulous companies supposedly acting in the best interests of U.S consumers during critical...more
Vantage, the plaintiff, had purchased insurance from Assured Risk Transfer (ART) against the risk that a company to which Vantage had loaned $22 million would default....more
On September 4, 2018, the third stage of compliance deadlines under the New York Department of Financial Services’ (DFS) expansive cybersecurity regulation went into effect....more