NYC Enforcement Blitz, CA Surveillance Pricing, and PA Criminal History Rule Update - #WorkforceWednesday® - Employment Law This Week®
The Privacy Insider Podcast Episode 23: How CalPrivacy Balances Enforcement, Transparency, and Innovation with Tom Kemp of the California Privacy Protection Agency
2026 Trends to Watch: Regulation, Infrastructure and IP in Motion
Point-of-Sale Finance Series: Privacy, Breaches, and Data Monetization — The Consumer Finance Podcast
The Briefing: Part Two: CCPA’s New Rules on Risk Assessments and Cybersecurity Audits
We get AI for work™: Analyzing "Brewer v. Otter.ai" — A Case Study of the Legal Risks of AI Note Takers
We get Privacy for work — Episode 13: Demystifying Data Mining
We get AI for work™: New Efforts to Ensure a National AI Policy
The Compliance 911 Show
The Privacy Insider Podcast Episode 22: The Data Privacy of the Dead & Critiquing the Digital Divine with Carl Öhman of Uppsala University
No Password Required: CISO at RSA and Champion of a Passwordless Future
From Diligence to Post-Closing: What’s Shifting in 2026 Health Care Transactions
Point-of-Sale Finance Series: Health Care Financing Compliance, Regulatory, and Privacy Pitfalls — Payments Pros – The Payments Law Podcast
Point-of-Sale Finance Series: Health Care Financing Compliance, Regulatory, and Privacy Pitfalls — The Consumer Finance Podcast
From Showroom to Server Room: AI in Auto Finance — Moving the Metal: The Auto Finance Podcast
Navigating Employee Data Responsibly: What’s the Tea in L&E?
AI, Algorithms, and Accountability: Unpacking the Colorado AI Act with Senator Rodriguez — Regulatory Oversight Podcast
Navigate the Money Matrix in Our Upcoming Series: Privacy, Security, and AI Explained — The Consumer Finance Podcast
No Password Required: Virtual CISO at Trace3 and Roller Derby Penalty Box Visitor
Block & Order | Building on Layer 1 with Jennie Levin: Algorand, Policy Shifts & Tokenization’s Future
The Health Insurance Portability and Accountability Act of 1996, and its implementing regulations (“HIPAA”), address how health care providers may use and/or disclose patient information. In that regard, HIPAA mandates that...more
On March 5, 2026, Colin Zick presented to the MassRobotics Healthcare Catalyst Program on the topic, "Robotics and Health Information: Navigating Clinical Deployments in Light of Current Trends in Health Information Privacy...more
In the final episode of this three-part series on artificial intelligence, we shift our focus to patients. In particular, what and how to communicate with your patients regarding the organization’s use of artificial...more
On February 17, 2026, the U.S. District Court for the Southern District of New York issued a ruling in United States v. Heppner, No. 25‑cr‑00503‑JSR (S.D.N.Y. Oct. 28, 2025), holding that the attorney‑client privilege and the...more
Last week, we kicked off a three-part series on artificial intelligence, starting with a discussion on how to manage AI risks related to employees. This week, we’re covering the basic processes providers should adopt for the...more
Under the revised NYDFS Cybersecurity Regulation, covered entities must implement and enforce MFA for all access to all information systems — not just adopt MFA tools — and carefully document any CISO-approved compensating...more
On March 2, 2026, the U.S. Court of Appeals for the Ninth Circuit issued a significant decision, in Freeman v. 3Commas Technologies OÜ, reversing a district court’s dismissal of a class action against an Estonian software...more
On February 25, 2026, the US Court of Appeals for the Fifth Circuit issued a significant decision in Bradford v. Sovereign Pest Control of TX, Inc., holding that the Telephone Consumer Protection Act (TCPA) does not require...more
The Cybersecurity and Infrastructure Security Agency (“CISA”) will be hosting a series of upcoming virtual town hall meetings related to its rulemaking under the Cyber Incident Reporting for Critical Infrastructure Act...more
Repeat after me: you cannot raise a consent defense at the pleadings stage unless the complaint specifically alleges the fact consent was provided. It always makes me cringe when I see TCPA defendants lobbing purported...more
Recent technological advances have enabled the emergence of agentic AI — systems that can automate a range of tasks, potentially saving time and money for organizations....more
On January 30, 2026, the California Senate passed a new bill, SB 574, to impose restrictions on attorneys (and arbitrators) using generative artificial intelligence (“generative AI”) in their practice....more
Following the Supreme Court’s decision in McLaughlin Chiropractic Associates v. McKesson Corp., which we discussed last year in depth, federal courts have gained the ability to deviate from the Federal Communications...more
Texas AG Ken Paxton reached a settlement with Samsung to resolve allegations that the company violated the Texas Deceptive Trade Practices Act by collecting user viewing data without their informed consent....more
Privacy and cybersecurity developments in 2025 were driven by ongoing regulatory development and enforcement. In the United States, federal and state authorities advanced detailed security, audit, and reporting frameworks....more
Iowa AG Brenna Bird filed a lawsuit against General Motors LLC and its subsidiary OnStar LLC for allegedly violating the Iowa Consumer Fraud Act by collecting and selling drivers’ vehicle data without adequate disclosure or...more
On 17 February 2026, Thailand's Regulation on the Examination and Certification of Binding Corporate Rules within the Same Affiliated Business or the Same Group of Undertakings B.E. 2568 (2025) (“BCR Regulation”) took effect...more
Higher education institutions continue to navigate a complex litigation environment shaped by aggressive federal oversight, heightened plaintiff activity and a fast-evolving regulatory landscape. Part 1 of our series examined...more
In a significant win for businesses fighting CIPA claims, a California federal court just held that searching sensitive health terms and distributing that information to third parties is not a legally protectable privacy...more
The Internal Revenue Service has unveiled a new web page on IRS.gov that allows taxpayers to confidentially report suspected tax fraud or evasion, scams, and other tax-related illegal activities. In a press release, IRS...more
AI‑powered notetaking tools which can record or transcribe employment-related discussions and meetings have quietly entered the workplace, often through everyday applications employees already use....more
Private equity (PE) firms increasingly recognize that value creation depends on disciplined procurement of business services, particularly technology, in addition to financial engineering and operational optimization. Whether...more
As readers of this blog know, the commonplace use of third-party tracking technology on consumer-facing websites has led to an influx of California Invasion of Privacy Act (“CIPA”) claims. While some of these claims are...more
The Royal Court endorsed the ODPA’s position that “appropriate” technical and organisational measures must be put in place with reference to the sensitivity and risk profile of the data itself. The fact that the...more
ISSUES AFFECTING ALL SCHEMES - DATA (USE AND ACCESS) ACT 2025 – HANDLING COMPLAINTS - The requirement under the Data (Use and Access) Act 2025 (the “Act”) for organisations to have a process in place for handling data...more
