When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Uncovering Hidden Risks: Ep 13 - Unveil Data Security Paradoxes
As healthcare technology continues to evolve, so does the need for robust compliance strategies to safeguard patient information and ensure the integrity of medical devices. In a joint September 19, 2024 presentation, the...more
In the realm of mergers and acquisitions (M&A), due diligence is a critical phase where a buyer’s acquisition team assesses potential risks and opportunities before finalizing the terms of an agreement to purchase its target...more
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
Learn the key principles of compliance - no travel required! If you’re new to or have minimal experience in compliance management don’t miss this opportunity to build the foundational knowledge you need! SCCE’s four-day...more
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
The recent massive data breach at National Public Data (NPD), a background check company, has potentially compromised the personal information of millions, if not billions, of individuals, including their Social Security...more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
Defining the role of inherent risk in cybersecurity - Inherent risk is a concept that while fundamental to cybersecurity, has largely been disregarded by popular cybersecurity risk guidelines and standards and remains arcane...more
Fragile or volatile supply chains, increases in regulatory obligations and enforcement, natural disasters, inflation, political turmoil – all complicated issues for any business to navigate. Among the myriad business...more
HCCA's Healthcare Research Compliance Academy is a three-and-a-half-day comprehensive training program with a focus on the topics and issues that affect research compliance professionals. Our faculty of experienced...more
As Artificial Intelligence (AI) continues to evolve and integrates into business processes, the Office of the Privacy Commissioner for Personal Data (PCPD) released its Artificial Intelligence: Model Personal Data Protection...more
This three-and-a-half-day, classroom-style learning experience is designed for compliance professionals ready to advance their career by mastering the fundamentals of compliance program management in a healthcare setting....more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
Today is World Password Day, a day for organizations to remind their employees of the importance of using strong passwords and practicing good password hygiene to protect personal and work accounts. Given the large number of...more
On March 28, 2024, the Office of Management and Budget (“OMB”) issued Memorandum M-24-10, Advancing Governance, Innovation, and Risk Management for Agency Use of Artificial Intelligence (the “Memo”). This is the final version...more
The consequences of a cyberattack can be catastrophic, as we saw in the previous blog of this series. Cybersecurity is a business-wide responsibility that demands a proactive strategy extending far beyond technical solutions...more
Editor's Note: In a significant study from MIT's CSAIL, researchers have unveiled vulnerabilities in smartphone ambient light sensors, highlighting them as potential channels for privacy breaches. This discovery underscores...more
Colorado is the latest state to introduce a bill focused on consumer protection issues when companies develop AI tools. The bill imposes obligations on developers and deployers of AI systems. Additionally, the bill provides...more
I’m not a cyber expert, but as a compliance professional with accountability for internal investigations of employee and third-party misconduct I’ve had a front row seat to the evolution of risk that has mirrored the mass...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
On February 28, 2024, President Biden signed Executive Order (EO) 14117 titled “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” On March 5,...more