The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
No Password Required: LIVE From Sunshine Cyber Con
Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more
Get focused insights on compliance management for nonprofits - From fraud and conflict of interest to tax exemption, fundraising, and data security, nonprofit organizations are faced with significant compliance issues,...more
In an increasingly interconnected healthcare landscape, third party relationships play a critical role in operations, but they also introduce significant risk. To address this challenge, our webinar delves into the...more
Working from home requires heightened attention to compliance with privacy protection and data security laws. The basis for such compliance, inter alia, is the Israeli Privacy Protection Authority’s guidelines, “Emphases for...more
We are all familiar with the mantra on the importance of managing third-party risk to prevent anti-corruption, sanctions, money laundering and associated risks. Over the last ten years, however, we have observed a new and...more
Join Kristy Grant-Hart, CEO at Spark Compliance Consulting, and Carrie Penman, chief risk and compliance officer at NAVEX, for a 90-minute webinar summarizing our annual Top 10 Trends in Risk and Compliance eBook. In this...more
Cybersecurity is a growing concern for all nonprofit organizations, especially those that store, process, and transmit sensitive data. While it is common to think of the cyber issue as relevant to digital communications and...more
Despite strengthening security across and beyond the business, many legal organizations overlook a critical vulnerability with surprising frequency – the risk presented by third parties. Cybersecurity risk is further...more
Matt Kelly, Editor & CEO of Radical Compliance makes a strong case in this podcast for a need to reassess cyber risk. It is becoming, he says, less of a technical issue and more about how companies interact with others: ...more
Join SCCE virtually for the 10th Annual ECEI - Can't attend the conference in-person? The European Compliance & Ethics Institute, 22-23 March 2022, allows you to hear from today’s compliance and ethics leaders on the...more
Join SCCE in Amsterdam for the 10th Annual ECEI - Want to learn more about the challenges facing the European and global compliance and ethics community? Join us for the 10th Annual European Compliance & Ethics...more
Join Mayer Brown partners Richard Assmus and Oliver Yaros as they discuss with host Julian Dibbell how to address the IP pitfalls in data monetization. Their discussion will focus on the unseen value of data, the difficulties...more
While organizations have increasingly embraced cloud computing as a solution to their data management and other needs, they do so in an environment of heightened risks. Attacks on cloud providers are increasing, which makes...more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
As summarized in the first installment of our two-part blog series, President Biden recently issued a sweeping Executive Order aimed at improving the nation’s cybersecurity defense. The Order is a reaction to increased...more
Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more
Ubiquiti, a manufacturer of products used for networks such as routers, webcams and mesh networks, announced this week that an unauthorized access to its systems hosted by a third-party cloud provider may have compromised...more
Though we are disappointed we will not be together in-person, we remain dedicated to providing a first-class learning experience while keeping the health and well being of everyone a top priority. The ECEI will have the...more
Register for NAVEX Next, our annual risk and compliance virtual conference. Formerly the Ethics & Compliance Virtual Conference (ECVC), the new name recognizes that we must be forward-looking as we face an increasingly...more
Staying on top of what’s new in data privacy is tough. As Robert Bond, Partner and Notary Public at the UK-based law firm Bristows explains, over 100 countries have drafted or implemented new data privacy laws in 2019. To...more
In an unusual move, Delta Airlines (Delta) sued one of its vendors last week for the data breach it experienced in 2017. It’s an unusual move for several reasons. First, in our experience when a vendor causes a data breach,...more
As data are quickly becoming significant corporate assets, lawyers need to help companies both maximize the value of their data and protect the business against any associated risks. This is particularly true in M&A...more
A challenging risk management project that many clients are addressing is vendor management. Ever since the Target breach, when an HVAC vendor’s employee clicked on a phishing email that allowed an intruder to compromise...more
Security researchers and cybersecurity experts recently discovered a weakness in Fiserv’s web platform, which may have exposed the personal and financial details of customers across hundreds of internet banking sites. The...more
Today we are going to take a look at some of the basic policies and procedures that you need to have in place to comply with the new General Data Protection Regulation (GDPR) effective May 2018. I am joined in the exploration...more