Moving Beyond Checkbox Diligence with SOC Reports
AI State Regulatory Frontiers: Inside the New Wave of State AI Laws — Regulatory Oversight Podcast
AI State Regulatory Frontiers: Inside the New Wave of State AI Laws
Charting a Course for Collections: Diagnosing Compliance and Privacy Risks in Medical Debt — The Consumer Finance Podcast
AI State Regulatory Frontiers: How Existing Laws Regulate AI — Regulatory Oversight Podcast
Episode 406 -- AI Risks and Compliance: Building a Governance Framework
DOJ’s Bulk Sensitive Data Transfer Rule: Key Insights for Health Care Compliance Teams – Diagnosing Health Care
Decrypted Podcast | Decoding NIS2: Europe's New Cybersecurity Playbook
PODCAST – 2026 To Do: HIPAA Compliance
2026 To Do: HIPAA Compliance
Employer AI Headaches: Job Postings, Client Privilege, and Microchip Bans - Employment Law This Week®
No Password Required: Project Manager at Rapid7 and Queen of Cyber Media
Episode 402: Paul Allen: The Promise of AI, Governance and Public Trust
AI Exacerbates Data Minimization Challenges
Podcast - Registro de infieles: ¿Violación de datos personales?
Decrypted Podcast | The First 72 Hours of a Ransomware Attack
No Password Required: AI Security Researcher and Documentarian of Spirituality and Play
NYC Enforcement Blitz, CA Surveillance Pricing, and PA Criminal History Rule Update - #WorkforceWednesday® - Employment Law This Week®
The Privacy Insider Podcast Episode 23: How CalPrivacy Balances Enforcement, Transparency, and Innovation with Tom Kemp of the California Privacy Protection Agency
2026 Trends to Watch: Regulation, Infrastructure and IP in Motion
Blake Lively has settled her claims accusing Justin Baldoni's production company of orchestrating a smear campaign after she accused her It Ends With Us co-star of sexually harassing her, the actors announced in a joint...more
Readers of this blog are well aware of the uptick in consumer privacy claims surrounding the online use of session replay and other similar tracking technology. Allegedly aggrieved consumers typically claim that the use of...more
On May 8, 2026, California Attorney General Rob Bonta — joined by the District Attorneys of San Francisco, Los Angeles, Napa, and Sonoma Counties, with support from the California Privacy Protection Agency (CalPrivacy) —...more
On May 8, 2026, California Attorney General Rob Bonta, together with several California district attorneys and the California Privacy Protection Agency, announced a $12.75 million settlement with General Motors and its...more
Agentic commerce arrives in a field that has spent the better part of 40 years catching up to digital markets, and is now catching up to AI. Antitrust law is built almost entirely on judicial interpretation rather than...more
The U.S. Department of Labor (DOL) and White House have an overarching message for workplaces: Artificial intelligence is here to stay — and it’s not a matter of if, but rather when and how, you incorporate it into your...more
On May 7, 2026, the European Parliament and the Council of the European Union reached a provisional agreement on a set of targeted amendments to the Regulation (EU) 2024/1689 (the “EU AI Act”), which seek to simplify several...more
As discussed in our previous article, on May 7, 2026, Instructure experienced a significant data breach affecting Canvas, an online education management platform utilized by over 8,000 schools and universities across the...more
A federal court’s decision blocking key provisions of Arkansas’ social media age-verification law rests on familiar constitutional ground. The challengers framed the law as a system that conditions access to online expression...more
The House Financial Services Committee recently advanced legislation to modernize the Gramm-Leach-Bliley Act (GLBA), reflecting a continued shift toward more prescriptive data governance obligations for financial...more
As healthcare organizations increasingly embrace artificial intelligence (AI)—moving from common use cases in ambient dictation and revenue cycle management, to wide scale adoption across sectors—it brings increased legal,...more
In the ongoing absence of comprehensive federal privacy laws, states continue to serve as the primary engines of privacy innovation, setting precedents that may influence or even outpace federal action and shaping the rules...more
This article outlines key questions and compliance concepts to consider based on common scenarios in which healthcare entities “feed the machine” with sensitive data. Explore all articles in our AI in Healthcare series. Key...more
AI is rapidly being integrated into healthcare delivery, operations, and patient engagement, increasing legal and compliance complexity. This checklist highlights key risks and considerations across data use, contracting,...more
Regulators continue to focus on how companies interact with children online, as illustrated by the recent settlements Roblox entered into with different state AGs. The company has agreed to pay a total of almost $36 million...more
Every click, swipe, and tap can generate actionable insight and face companies with a real privacy paradox: how do you gather the data necessary to serve business needs without harvesting more than you should or more than...more
The United States Department of Health and Human Services (HHS) provides a helpful set of questions and answers on its website regarding the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Professionals...more
A newly released report found a sharp resurgence in class action filings over the last year, driven largely by consumer protection claims tied to digital commerce and data privacy. The report showed meaningful shifts in where...more
This article highlights key legal considerations for using AI systems with protected health information (PHI), with a focus on agreements, business associate obligations, and data governance. Explore all articles in our AI in...more
In a trio of recent website tracking decisions, the District of Massachusetts resolved motions to dismiss privacy claims related to third-party tracking technologies on healthcare websites: Progin v. UMass Memorial Health...more
In April 2026, Alabama enacted the Alabama Personal Data Protection Act (APDPA), making it the 22nd U.S. state to adopt a broad consumer privacy law governing how organizations collect, use, and disclose personal data. While...more
The Supreme Court just gave recipients of government subpoenas, civil investigative demands, and other legal process a new and potentially powerful tool for responding to those investigative demands, especially if those...more
Leaders and employees know they need to keep communications over approved, auditable channels. But an out-of-office message directing a client to a personal mobile number is off-channel. A WhatsApp message arranging a meeting...more
Government response to the independent review of the Online Safety Act Update - The Online Safety Act 2021 (Cth) (the "OSA") introduced a regulatory framework requiring online service providers to regulate content and...more
Many US states have attempted to enact laws similar to the UK’s Age-Appropriate Design Code. Nebraska is among them, and is set to take effect -unless challenged- on July 17, 2026. The law was initially passed in May 2025,...more