Part Two: CCPA’s New Rules on Risk Assessments and Cybersecurity Audits
We get AI for work™: Analyzing "Brewer v. Otter.ai" — A Case Study of the Legal Risks of AI Note Takers
We get Privacy for work — Episode 13: Demystifying Data Mining
We get AI for work™: New Efforts to Ensure a National AI Policy
The Compliance 911 Show
The Privacy Insider Podcast Episode 22: The Data Privacy of the Dead & Critiquing the Digital Divine with Carl Öhman of Uppsala University
No Password Required: CISO at RSA and Champion of a Passwordless Future
From Diligence to Post-Closing: What’s Shifting in 2026 Health Care Transactions
Point-of-Sale Finance Series: Health Care Financing Compliance, Regulatory, and Privacy Pitfalls — Payments Pros – The Payments Law Podcast
Point-of-Sale Finance Series: Health Care Financing Compliance, Regulatory, and Privacy Pitfalls — The Consumer Finance Podcast
From Showroom to Server Room: AI in Auto Finance — Moving the Metal: The Auto Finance Podcast
Navigating Employee Data Responsibly: What’s the Tea in L&E?
AI, Algorithms, and Accountability: Unpacking the Colorado AI Act with Senator Rodriguez — Regulatory Oversight Podcast
Navigate the Money Matrix in Our Upcoming Series: Privacy, Security, and AI Explained — The Consumer Finance Podcast
No Password Required: Virtual CISO at Trace3 and Roller Derby Penalty Box Visitor
Block & Order | Building on Layer 1 with Jennie Levin: Algorand, Policy Shifts & Tokenization’s Future
The Privacy Insider Podcast Episode 21: What Businesses Get Wrong About Regulators and How to Fix Privacy Fast
12 Days of Regulatory Insights: Day 11 – FTC Enforcement Trends in a New Age — Regulatory Oversight Podcast
Listen: Digital Doppelgangers: Navigating AI and Likeness Rights
12 Days of Regulatory Insights: Day 8 – How State AGs Are Rewriting Social Media Rules — Regulatory Oversight Podcast
To help HIPAA covered entities comply with updated rules for substance use disorder patient records, the U.S. Department of Health and Human Services Office of Civil Rights has published updated language for Notices of...more
Today’s post concludes our series on INTERPOL’s CCF’s 2024 Activity Report. Our first post in this series explored how the CCF’s delays are problematic for notice subjects, NCBs, and INTERPOL itself. Today’s post will explain...more
The legal and practical considerations for internal compliance reviews conducted in China by corporate headquarters of international companies are non-trivial and can be daunting, both for in-house teams and external counsel....more
On February 5, 2026, a Massachusetts federal judge issued an order staying information-sharing between the IRS and ICE, as well as a preliminary injunction prohibiting Kristi Noem, Secretary of the Department of Homeland...more
On January 27, 2026, Brazil and the European Union officially announced mutual recognition of adequacy in personal data protection, reducing regulatory barriers for data-driven activities across a combined consumer base of...more
In 2025, eight new U.S. state privacy laws took effect and several states tightened existing regulations, significantly impacting healthcare organizations. Major changes include strengthened opt-out rights, new protections...more
February 13, 2026 Source: Saiber Employment Law Alert Pursuant to changes signed into law by Governor Hochul on December 19, 2025, employers in New York state will no longer be able to use an applicant’s or employee’s...more
Creating a community that is confident in recognizing concerns and making referrals to the Behavioral Intervention Team (BIT) does not happen by accident. The BIT should provide clear education, consistent messaging, and...more
Welcome to your weekly update from the A&O Shearman Pensions team, covering all the latest legal and regulatory developments in the world of workplace pensions. High Court refuses to strike out Capita litigation - The...more
Administrative subpoenas have long been a powerful tool in the federal government’s investigative arsenal. Issued without prior judicial approval and requiring only minimal procedural safeguards, these demands for documents...more
On Jan. 5, the U.S. General Services Administration (GSA) issued the revised IT Security Procedural Guide: Protecting Controlled Unclassified Information (CUI) in Nonfederal Systems and Organizations Process (the Guide)....more
Until California’s legislature provides clearer guardrails, companies should expect continued class action activity under the California Invasion of Privacy Act (CIPA), targeting common website tracking technologies....more
Although the Title IX Regulations are prescriptive in many ways, one of the ways that college and universities retain some level of flexibility is with the designation of confidential employees—employees who, for the purposes...more
In January 2026, the State of Utah, acting through its Department of Commerce’s Office of Artificial Intelligence Policy (“OAIP”), launched a first-in-the-nation pilot permitting an autonomous artificial intelligence (“AI”)...more
Employers with group health plans need to confirm that their HIPAA Privacy Notices are updated no later than February 16, 2026, to reflect changes required by the 2024 Privacy Rule....more
Key point: Last week, the Alabama legislature passed an App Store bill while Maine’s consumer data privacy bill crossed chambers. Below is the fifth update on the status of proposed state privacy legislation in 2026. This...more
Robotics and artificial intelligence are converging at an unprecedented pace. As robotics systems increasingly integrate AI-driven decision-making, businesses are unlocking new efficiencies and capabilities across industries...more
Regulatory - EMA and FDA publish guiding principles of good AI practice in drug development - On 14 January 2026, the European Medicines Agency (EMA) and the US Food and Drug Administration (FDA) jointly published the...more
While many consider a romantic relationship to be a personal matter and not an organizational issue, few realize that an employee falling for a romance scam can have a direct impact on an organization’s bottom line....more
Iowa Senate File 2172 introduces optional fault-based divorce framework, raising questions about impact on families and the court system. The new bill currently under consideration in the Iowa State Legislature would...more
On February 5, 2026, South Carolina Governor Henry McMaster signed H. 3431, Age-Appropriate Code Design (SC AACD) into law, becoming the fifth state to enact an age-appropriate design code law after California, Maryland,...more
Earlier this week, the Northern District of Illinois upheld a prohibition on the collection of debit and credit card interchange fees for sales taxes, excise taxes and gratuities if the merchant informs the acquiring bank of...more
Overview of Required NPP Changes: 42 C.F.R. Part 2 applies to patient records created by, received or acquired by any federally assisted program that provides diagnosis, treatment or referral for treatment of a substance...more
California resident Nathaniel Bee filed a lawsuit this week alleging that the ATP Tour’s website used third-party tracking technology that captured details on how visitors interacted with the site, including what content they...more
A recently filed class action offers a snapshot of the ongoing wave of lawsuits under the California Invasion of Privacy Act (CIPA) – something that has been a topic for a few years now. This latest case shows that CIPA...more
