Moving Beyond Checkbox Diligence with SOC Reports
AI State Regulatory Frontiers: Inside the New Wave of State AI Laws — Regulatory Oversight Podcast
AI State Regulatory Frontiers: Inside the New Wave of State AI Laws
Charting a Course for Collections: Diagnosing Compliance and Privacy Risks in Medical Debt — The Consumer Finance Podcast
AI State Regulatory Frontiers: How Existing Laws Regulate AI — Regulatory Oversight Podcast
Episode 406 -- AI Risks and Compliance: Building a Governance Framework
DOJ’s Bulk Sensitive Data Transfer Rule: Key Insights for Health Care Compliance Teams – Diagnosing Health Care
Decrypted Podcast | Decoding NIS2: Europe's New Cybersecurity Playbook
PODCAST – 2026 To Do: HIPAA Compliance
2026 To Do: HIPAA Compliance
Employer AI Headaches: Job Postings, Client Privilege, and Microchip Bans - Employment Law This Week®
No Password Required: Project Manager at Rapid7 and Queen of Cyber Media
Episode 402: Paul Allen: The Promise of AI, Governance and Public Trust
AI Exacerbates Data Minimization Challenges
Podcast - Registro de infieles: ¿Violación de datos personales?
Decrypted Podcast | The First 72 Hours of a Ransomware Attack
No Password Required: AI Security Researcher and Documentarian of Spirituality and Play
NYC Enforcement Blitz, CA Surveillance Pricing, and PA Criminal History Rule Update - #WorkforceWednesday® - Employment Law This Week®
The Privacy Insider Podcast Episode 23: How CalPrivacy Balances Enforcement, Transparency, and Innovation with Tom Kemp of the California Privacy Protection Agency
2026 Trends to Watch: Regulation, Infrastructure and IP in Motion
Global medical device company Medtronic recently confirmed that it had been attacked by the threat actor group, ShinyHunters. According to Bleeping Computer, Medtronic is “the largest medical device maker in the world by...more
The Driver’s Privacy Protection Act (DPPA) may not draw as much regular attention as statutes like the VPPA, CCPA, or TCPA, but it remains a source of privacy litigation risk where motor vehicle record information is...more
California companies may have less time than they think to prepare for privacy audits. The California Privacy Protection Agency’s (CPPA) new Audits Division, created in February 2026, is expected to begin assessing companies’...more
Fashion, beauty, and wearable technology brands are heading into 2026 with a lot more to think about concerning data privacy. What used to feel like a back-end legal issue is now shaping how companies design products,...more
In the category of how technology can be fun, yet dangerous, a 19 year old college student alleges that the dating app Meete took a video she innocently posted on TikTok of her high school graduation, then “overlayed it with...more
The public learned on May 7 that Instructure, the company that manages Canvas, suffered a massive data breach that could impact a huge swath of schools and students across the country. Canvas is the most widely employed...more
The extortion group ShinyHunters defaced Canvas login pages at universities across North America on Thursday, opening what appears to be a second wave of pressure against learning-platform parent Instructure ahead of a May 12...more
On April 29, 2026, the United States Supreme Court issued a unanimous decision in First Choice Women’s Resource Centers, Inc. v. Davenport, holding that a faith-based nonprofit organization has Article III standing to...more
The June 3, 2026, deadline for "smaller entities" to comply with the 2024 amendments to U.S. Securities and Exchange Commission (SEC) Regulation S-P is fast approaching. This Holland & Knight alert provides a brief overview...more
New data from Gartner estimates that U.S. state privacy fines reached $3.4B in 2025 — more than the prior five years of state privacy fines combined — with continued enforcement growth expected through 2028....more
La Cour d’appel de la Colombie-Britannique (la « CACB ») a récemment confirmé la compétence juridictionnelle des tribunaux de la Colombie-Britannique à l’égard d’entités étrangères exerçant des activités commerciales...more
Heightened geopolitical tension is commonly accompanied by a measurable increase in cyber risk. In February 2026, Dr Mohamed Hamad Al Kuwaiti, Head of the UAE Cybersecurity Council (the Council), announced that “over 90,000...more
On April 28, 2026, Maryland Democratic Gov. Wes Moore signed House Bill 895, the Protection From Predatory Pricing Act (the Act). In passing the Act, Maryland becomes the first state to regulate personalized pricing, also...more
On April 30, 2026, Instructure—the company behind Canvas, the leading learning management system in North America—disclosed a major cybersecurity incident. Canvas supports roughly 41percent of higher education institutions on...more
Hogan Lovells' Retail and Fashion team attended “The Future of AI” webinar hosted by Vogue Business on May 7, 2026. The webinar explored key findings from Vogue Business' multi-part “Future of AI” series, which included a...more
Charitable fundraising is under increased regulatory oversight and heightened donor expectations as evidenced by four recent developments. Together with the possible end of one fundraising channel and start of an innovative...more
The Federal Communications Commission’s (FCC) efforts to combat illegal robocalling are poised to expand soon, with the FCC adopting a Further Notice of Proposed Rulemaking (KYC FNPRM) by a 3-0 vote at the April 30, 2026 FCC...more
The Federal Risk and Authorization Management Program (FedRAMP), a cybersecurity assessment and authorization program for cloud service providers (CSPs) used by federal agencies, has proposed a significant overhaul of its...more
On December 16, 2025, the European Commission (the "Commission") published a proposal for a European Biotech Act (the "Proposed Biotech Act" or "Proposal"). The Proposed Biotech Act is a central pillar of the Commission's...more
First: the EU digital regulatory stack is dense and EU enterprises cannot manage it through instrument-by-instrument analysis alone. An integrated framework is not optional but it is the only professionally sound approach. ...more
The threat landscape is compounding the pressure: software supply chain compromises, AI tool proliferation, and concentration risk across technology providers and supplier ecosystems are routine exposures now, not edge cases....more
Employee privacy continues to be a complex and evolving area. As workplace technology advances and states enact new protections, employers are increasingly called upon to balance business interests with employees’ reasonable...more
Connecticut AG William Tong praised the state General Assembly’s passage of Senate Bill 5, which was proposed in part by his office and Governor Ned Lamont to curb addictive social media features for minors and strengthen...more
The European co-legislators have reached a political agreement on the Digital Omnibus on AI (AI Omnibus) that will modify and simplify certain provisions of the EU AI Act (Regulation (EU) 2024/1689), ahead of the majority of...more
A sweeping new federal legislative proposal could reshape how American companies collect, use, and profit from consumer data. Here is what you need to know. Your compliance team is already toggling between 20+ state privacy...more
