Artificial Intelligence (AI) is revolutionizing industries globally, from healthcare to finance, retail, technology, and education, enabling businesses and consumers alike to achieve their tasks more efficiently and...more
The National Institute of Standards and Technology (NIST) published its Artificial Intelligence Risk Management Framework (NIST AI 100-1) in January 2023.
The NIST AI Framework consists of 19 categories and 72...more
The National Institute of Standards and Technology (NIST) published its Artificial Intelligence Risk Management Framework (NIST AI 100-1) in January 2023...more
In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our article titled An Introduction to the EU AI Act, we focused on applicability, thresholds, timing, and penalties related to the EU...more
4/19/2024
/ Artificial Intelligence ,
Cybersecurity ,
Data Protection ,
EU ,
European Commission ,
European Data Protection Board (EDPB) ,
General Data Protection Regulation (GDPR) ,
Machine Learning ,
Regulatory Oversight ,
Reporting Requirements ,
Risk Management ,
Risk-Based Approaches ,
Technology Sector
The National Institute of Standards and Technology (NIST) Artificial Intelligence Risk Management Framework, published in January 2023, was designed to equip organizations with an approach that increases the trustworthiness...more
In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. Our article titled “An Introduction to the EU AI Act” focused on applicability, thresholds, timing, and penalties related to the EU AI...more
In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our prior article titled “An Introduction to the EU AI Act,” we focused on the applicability, timing, and penalties of the EU AI...more
On December 8, 2023, European Union (EU) lawmakers reached an agreement on the EU’s AI Act. The EU AI Act has many similar themes to the EU’s General Data Protection Regulation (GDPR) and reflects a big step forward in the...more
1/25/2024
/ Artificial Intelligence ,
Biometric Information ,
Critical Infrastructure Sectors ,
EU ,
Fines ,
General Data Protection Regulation (GDPR) ,
Governance Standards ,
New Legislation ,
Noncompliance ,
Risk Management ,
Threshold Requirements
The collection of personal data by organizations in the sports industry creates unique data privacy challenges. Generally, a business-to-consumer organization is focused on the personal data of its customers and separately...more
3/15/2023
/ California Privacy Rights Act (CPRA) ,
Collective Bargaining Agreements (CBA) ,
Compliance ,
Data Collection ,
Data Privacy ,
Data Protection Impact Assessments (DPIAs) ,
EU ,
General Data Protection Regulation (GDPR) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Personal Data ,
Revenue ,
Risk Management ,
Sports
After much anticipation, the European Commission has published new Standard Contractual Clauses (SCCs). Under the General Data Protection Regulation (GDPR), when personal data of individuals in the European Economic Area...more
6/14/2021
/ Cybersecurity ,
Data Processors ,
Data Protection ,
EU ,
European Economic Area (EEA) ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
National Security ,
Personal Data ,
Schrems I & Schrems II ,
Standard Contractual Clauses
Organizations are closely tracking which of their vendors previously relied on Privacy Shield. Separately, they are preparing Transfer Impact Assessments (“TIAs”) to evaluate and address risks associated with personal data...more
6/1/2021
/ Binding Corporate Rules ,
Court of Justice of the European Union (CJEU) ,
Cybersecurity ,
Data Protection ,
Data Protection Authority ,
EU ,
EU-US Privacy Shield ,
European Data Protection Board (EDPB) ,
FISA ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personal Data ,
Personally Identifiable Information ,
Risk Mitigation ,
Schrems I & Schrems II ,
Standard Contractual Clauses