Workplace Sexual Assault and Third-Party Risk: What’s the Tea in L&E?
Law School Toolbox Podcast Episode 509: Listen and Learn -- Third-Party Rights in Contracts (Part 2 - Beneficiaries)
Law School Toolbox Podcast Episode 508: Listen and Learn -- Third-Party Rights in Contracts (Part 1 - Rules)
Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
Episode 365 -- Four Sanctions Cases Everyone Should Know
The Privacy Insider Podcast Episode 12: Compliance Is Good Business: Getting Beyond Fines with Tom Fox of Compliance Podcast Network
Bar Exam Toolbox Podcast Episode 296: Listen and Learn -- Third-Party Rights in Contracts (Part 1 - Rules)
Corporate Use of Third-Party Artificial Intelligence (AI) Tools
One Month to More Effective Written Standards: Day 17 – Policies for Third-Parties
Third Party Observation in Patent Prosecution in China
Consumer Finance Monitor Podcast Episode: Recent Federal and State Debt Collection Developments
Thobekile Cynthia Khumalo on Third Party Due Diligence
Protecting Trade Secrets When Facing Lawsuits or Alternative Dispute Resolution Procedures
Education Data Privacy and Security Laws: Best Practices for School Districts
Episode 162 -- Jessica Sanderson on How to Conduct a Remote Third Party Audit
VIDEO: Update on Third Party Workers’ Compensation Settlements in Pennsylvania
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
Subro Sense Podcast - Unpacking Product Claims Against Amazon
Business Succession Planning: Strategies for the Transition
E17: Carpenter Decision Builds Up Privacy from #SCOTUS
In a world with increasingly interconnected companies, vendors, suppliers, logistics partners, and cloud services providers, Third-Party Risk Management (TPRM) has advanced from being an annual checklist exercise to a...more
In today’s healthcare environment, compliance is a defining element of patient care quality, operational integrity, and public trust. Oversight from agencies such as the Office for Civil Rights (OCR), the Centers for Medicare...more
The Department of Justice’s (“DOJ”) Data Security Program (“the Program”, 28 C.F.R. Part 202) went into effect on April 8 with a 90-day period of limited enforcement. With DOJ now expecting full compliance, with additional...more
The rapid evolution of large language models (LLMs), retrieval-augmented generation (RAG), and Model Protocol Context (MCP) implementation has led many developers and teams to quickly adopt and integrate these powerful...more
Cybersecurity breaches originating from third-party providers (TPPs) are an escalating concern for Australian businesses. As supply chain risks grow, there is a mounting public expectation that the entity that commissioned...more
On January 28, 2025, FINRA published its annual regulatory oversight report for 2025 (Report), which highlights observations and findings from FINRA’s oversight programs. The Report covers 24 topics, and for each topic it...more
Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers. Cannabis retailers face significant regulatory hurdles to their operation—particularly in...more
Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more
If you are a GrubHub customer, read carefully. The app has confirmed a security incident involving a third-party vendor that allowed an unauthorized threat actor to access user contact information, including some customer...more
In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more
In light of recent cyberattacks targeting the federal government and United States supply chains, President Biden’s administration has released an Executive Order (the “Order”) in an attempt to modernize and enhance the...more
The Hong Kong Securities and Futures Commission (SFC) has issued a circular that sets forth comprehensive guidelines and expectations for licensed corporations (LCs) regarding the responsible use of generative artificial...more
Data privacy-related lawsuits have skyrocketed in recent years. Federal courts saw over 900 data privacy dockets in 2020 – but witnessed a surge to 1,767 dockets in 2023. At the halfway point in 2024, federal court data...more
At the 2024 SCCE European Compliance & Ethics Institute, Segev Shani, Chief Compliance & Regulatory Officer at Neopharm Group will be leading the session “Corporate Use of Third-Party Artificial Intelligence (AI) Tools.” In...more
The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more
In honor of Data Privacy Week, each day this week Miller Nash is releasing one of our top five recommendations for where businesses should focus their privacy compliance efforts in 2024. If you need assistance reviewing your...more
The FTC is proposing significant changes to the Children’s Online Privacy Protection Act (COPPA) rule to place new restrictions on the use and disclosure of children’s personal information. The COPPA Rule requires websites...more
Most Financial Services Institutions (FSIs) have digital technology at their core. And a primary responsibility for most FSIs is “cyber-connect” customers – be they organizations or individuals – with their money simply and...more
No industry is immune to privacy and cybersecurity risks, and the construction industry is no exception. Those in the construction industry can protect against a potential cyberattack by understanding the risks and...more
Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more
In April, the Department of Labor, specifically the Employee Benefits Security Administration, issued cybersecurity guidance to assist in protecting “the retirement benefits of America’s workers.” This guidance falls neatly...more
New York AG Letitia James reached a settlement with online water filtration retailer Filters Fast LLC to resolve allegations that it failed to protect customers’ payment card information in a 2019 data breach in violation of...more
The SolarWinds hack highlights the critical need for organizations of all sizes to include cyber supply chain risk management as part of their information security program. It is also a reminder that privacy and security...more
To round out this series on right-sizing a privacy program, our last stop is thinking about the impact of working with third parties. There are many legal requirements to assess and/or to address in third party contracts when...more
The Federal Trade Commission (FTC) recently announced a settlement with Zoom Video Communications, Inc. (Zoom) after allegations that Zoom misled users through deceptive and unfair practices that made users believe their...more