DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
In a world with increasingly interconnected companies, vendors, suppliers, logistics partners, and cloud services providers, Third-Party Risk Management (TPRM) has advanced from being an annual checklist exercise to a...more
Cybersecurity is now a core element of legal, regulatory, and business risk management. In Latin America and the Caribbean, organizations face mounting pressure to demonstrate proactive compliance with evolving data...more
Business continuity used to live in a binder, often reviewed once a year and quickly forgotten. Today, it has become a critical part of day-to-day risk management and operational strategy....more
On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more
Keypoint: The New York Department of Financial Services (NYDFS) circulated an industry letter offering guidance to NYDFS “Covered Entities” for assessing and managing AI-related cybersecurity risks, including threats...more
The COVID-19 pandemic has significantly reshaped the facilities management (FM) outsourcing landscape. Companies have transitioned from fully office-based work to home-based work, and now to hybrid models, prompting a...more
Effective information security is no longer just dependent on an organisation’s own internal cybersecurity controls. The UK Information Commissioner’s Office (ICO) highlights that third-party service providers are processing...more
What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more
In a blog post entitled “New activity from Russian actor Nobelium,” Microsoft’s V.P. of Customer Security & Trust Tom Burt discussed a recent alert issued by the Microsoft Threat Intelligence Center (MSTIC) regarding the...more
The Department of Labor recently issued cybersecurity guidance to retirement plans. The department’s Employee Benefits Security Administration (EBSA) issued guidance in three areas: (1) hiring and working with vendors and...more
The New York State Department of Financial Services recently issued recommendations to financial institutions in the aftermath of the SolarWinds cyberattack. In that attack, hackers inserted malware into SolarWinds software...more
On April 27, 2021, the New York State Department of Financial Services (“DFS” or the “Department”) released a report regarding its investigation into the response by DFS covered entities to the SolarWinds supply chain attack....more