DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
In a world with increasingly interconnected companies, vendors, suppliers, logistics partners, and cloud services providers, Third-Party Risk Management (TPRM) has advanced from being an annual checklist exercise to a...more
Two recent high profile settlements signal that the Federal Trade Commission (“FTC”) will continue to aggressively enforce violations of the Children’s Online Privacy Protection Act (“COPPA”). In a particularly high-profile...more
On August 21, 2025, the Consumer Financial Protection Bureau filed an enforcement action in connection with Chapter 11 bankruptcy proceedings for a fintech (the "Fintech") acting primarily as a third-party service provider...more
A September 18 deadline is fast approaching for certain voice service providers to comply with expanded STIR/SHAKEN requirements approved last year by the Federal Communications Commission (FCC). The FCC’s Eighth Report...more
The rapid evolution of digital technologies has ushered in a new era for the legal profession—one characterized by both unprecedented promise and intricate new hazards. As practitioners and clients alike become more reliant...more
Why do companies need AI governance policies and procedures? In part because the legal landscape around AI is so unsettled....more
Over a year after his office’s last privacy enforcement action, on July 1, 2025, California Attorney General Rob Bonta (AG) announced a new California Consumer Privacy Act (CCPA) settlement with Healthline Media LLC...more
The past year has brought a number of federal appellate rulings under the Video Privacy Protection Act (VPPA), 18 U.S.C. § 2710, one of the statutes under which plaintiffs have been filing numerous claims in recent years...more
Regulators are growing concerned about the delegation of various insurance company functions, prompting a closer examination of third-party vendors. Several groups within the National Association of Insurance Commissioners...more
On 13 December 2024, the FCA and the PRA published linked Consultation Papers on operational incident and third-party reporting (FCA CP24/28 and PRA CP17/24). The consultations aim to create a structured framework for...more
As summarized in our prior article on this topic, individual coverage health reimbursement arrangements (ICHRAs) are gaining popularity and constituting a larger part of the overall employer-provided health coverage market. ...more
The Federal Communications Commission (Commission) adopted a Report and Order authorizing telecommunications service providers with a STIR/SHAKEN caller ID authentication obligation (i.e., originating, intermediate, and...more
The FCA, PRA, and Bank of England have published their finalised critical third party (CTP) rules (and accompanying guidance) in PS24/16 Operational resilience: Critical third parties to the UK financial sector....more
The new regime will take effect on 1 January 2025, but will not diminish the responsibilities of financial services firms relying on the services of critical third parties....more
You just received a demand that you must pay an unknown party to receive your cargo—NOW WHAT? Shippers and brokers too frequently receive payment demands for transportation services that far exceed contracted amounts or any...more
On June 17, 2024, FHA announced in draft Mortgage Letter 2024-12 a proposed revision to its Defect Taxonomy to clarify that fraud or material misrepresentation involving a sponsored Third-Party Originator (TPO) is a Tier 1...more
A recently announced settlement with online alcohol addiction treatment service Monument Inc. demonstrates the Federal Trade Commission’s (FTC) continued focus on the use and disclosure of health data. The proposed settlement...more
On April 25, 2024, the FTC announced that it filed a suit against a Washington-based third-party bill payment company and two of its chief executives for engaging in allegedly deceptive and misleading practices in...more
Generative artificial intelligence (“GAI”) has the potential to revolutionize efficiency and productivity in our day-to-day working lives. But while this technology is becoming more sophisticated by the day, companies should...more
In the evolving world of lead generation and performance-based customer acquisition, the quest for profits can lead to big legal risks, some of them too large for advertisers that buy leads through third parties. Advertisers...more
On September 28, 2023, the Department of Justice (DOJ) launched a civil suit against a benchmarking service provider that signals a crack-down on benchmarking involving the exchange of competitively sensitive information. ...more
House Bill 14 (by Harris (R), House District 8, Palestine, Anderson County, Texas) - Effective September 1, 2023 - THIRD-PARTY REVIEW OF PLATS, PLANS, PERMITS AND INSPECTIONS - HB 14 adds a new Chapter 247 to the...more
The SEC continued its recent onslaught of proposed cybersecurity rules in mid-March with three new proposals covering a litany of entities, including investment advisers, broker-dealers, investment companies, clearing...more
The use of tracking technologies on websites and mobile applications (e.g., cookies) has become largely ubiquitous in our technology-driven world. Health care providers and organizations, for example, may use tracking...more
The U.S. Department of Education (Department) published its newest "Dear Colleague Letter" (DCL ID: GEN-23-03) on Feb. 15, 2023, making sweeping changes to the regulation of agreements between institutions of higher education...more