Innovation in Compliance - Improving Third - Party Risk Management with Paul Valente
The “Catch-22” of Preference Law
Gerry Blass on Healthcare Vendor Risk Management
Cyberside Chats: Would you bury your driver's license? (with Whitney McCollum)
Matt Silverman on Export Compliance
Thobekile Cynthia Khumalo on Third Party Due Diligence
Sitting with the C-Suite: Blending eDiscovery Vendors and Law Firms
Ledgers and Law: Real-World Planning for Cyber Attacks
Education Data Privacy and Security Laws: Best Practices for School Districts
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
Lessons for Health, Beauty & Wellness Companies [Part 2]: What Options Exist for a Vendor During Bankruptcy
Lessons for Health, Beauty & Wellness Companies: What to do When Your Buyer is in Financial Distress
Sitting with the C-Suite: How Should In-House Counsel Evaluate eDiscovery Service?
Strategies for Restaurant Owners to Survive in the New Normal
Compliance Perspectives: Supply Chain Compliance Challenges
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Compliance Perspectives: Supply Chains, Human Trafficking and Modern Slavery
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
PODCAST: Williams Mullen GovCon Perspectives - Recent Updates to the SWaM Certification Process in Virginia
As generative artificial intelligence and machine learning continue their rapid rise in popularity and uses in business operations, manufacturers are faced with how to implement AI in a manner that allows them to take...more
It is increasingly evident that artificial intelligence (AI) is reshaping all facets of business, and its impact on employee benefit plans is no exception. From automating plan administration to personalizing participant...more
In recent comments, Commissioner Holyoak signaled that the Federal Trade Commission will prioritize enforcement of the Protecting Americans’ Data from Foreign Adversaries Act (PADFAA), a law that empowers the FTC to police...more
The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more
A new lawsuit just filed against an AI software provider offers a clear warning for any business using artificial intelligence to monitor or record customer service calls. On June 13, a California plaintiff filed a federal...more
Share on Twitter Share by Email Share Back to top HIPAA Security Risk Analyses (SRAs) should be the foundation of every digital health company’s cybersecurity compliance. Far more than a checkbox exercise, a comprehensive SRA...more
These days, the explosive growth of the wellness industry—fueled by increased consumer interest in healthy lifestyle choices—presents a prime opportunity for brands to showcase their offerings through “wellness retreats” with...more
Negotiating a data processing agreement (DPA) is typically a necessary step when engaging vendors that handle personal data. However, these negotiations have become time consuming and complex, given the evolving privacy...more
Tariffs may seem like a headline reserved for economists and politicians, but at last week’s International Franchise Association (IFA) Legal Symposium in Washington D.C., they were front and center in nearly every room. From...more
More vendors were supposed to mean more protection. The thinking was simple: pick the best in every category—endpoint, identity, SIEM, automation—and assemble a flexible, layered defense. But over time, that flexibility...more
What Is Vendor Onboarding? Vendor onboarding is the process of establishing a company as an approved provider of technology, goods, or services to your organization. It’s also an essential early step in the vendor risk...more
Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more
2024 saw another strong year of Foreign Corruption Practices Act (FCPA) enforcement actions from the United States Department of Justice (DOJ) and the Securities and Exchange Commission (SEC). There were 15 resolutions with...more
Learn how automating third-party risk management (TPRM) can enhance efficiency, security, and compliance and help businesses proactively address vendor risks....more
During the course of 2024, interest in generative and other types of artificial intelligence, machine learning and predictive applications and services (collectively, AI) accelerated across industries. Some sectors, such as...more
Ensure your vendors are crisis-ready by recognizing these key indicators of weak continuity planning. The interconnected nature of modern business means that your vendors’ operational resilience can, and frequently does,...more
Virtually every business has signed an agreement with a software as a service (“SaaS”) provider at one time or another. And now, virtually every SaaS provider (it seems, at least) is coming out with an AI-related feature or...more
A Strategic Guide for Legal Departments to Optimize Their Technology Stack and Drive Efficiency in 2025 - The start of a new year brings a fresh opportunity to take stock of what’s working and what’s not – especially when...more
Artificial intelligence (AI) is everywhere these days, including your workplace. While there is no one-size-fits-all AI policy that will work for every company, here are our general thoughts about how employers can...more
When a customer purchases software-as-a-service (SaaS)–which is sometimes called a “cloud” service or product–the software is not hosted. It does not reside at the customer’s location or data center. Rather the software is...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
While record retrieval may sound like a straightforward task, legal professionals know it’s a complex, time-consuming process involving multiple entities, layers of rules and regulations, and security concerns (which...more
No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks....more
Uncover hidden vulnerabilities and protect your business. In today’s interconnected world, supply chain disruptions can severely impact your business. Are you confident in your supply chain’s resilience? Do you fully...more