Consumer Finance Monitor Podcast Episode: Regulators Escalate Focus on the Risks of Bank Relationships with Fintechs and Other Third Parties
DE Under 3: OFCCP Resurrects Proposal for Monthly CC-257 Employment Utilization Reports for Construction Contractors
DE Under 3: Updated EEOC COVID-19 Technical Assistance Guidance, Case Decision & Wage & Hour Division Proposed Rule
Digital Assets Regulation Framework: Commerce Solicits Public Comment
DE Under 3: EEOC & DOJ Technical Guidance for Employer’s AI Use; Upcoming EEOC Hearing; Event for Mental Health in the Workplace
Comment Deadline Approaching: Proposed Amendments Restricting Use of Prop 65 Short-Form Warnings
2BInformed: The Future of Fluoride in Drinking Water, the New TSCA Fees Rule, and the Drinking Water Contaminant Candidate List 5
Recent Actions on Ag Biotech by EPA’s Emerging Technologies Branch
III-44- A Little Help From The DOL
[WEBINAR] Laying the Foundation for Maximizing Benefits Around Emerging Technologies
[WEBINAR] Fairly (or Unfairly?) Traceable: Are Discharges Through Groundwater Subject to the Clean Water Act?
Episode 014: Business Divorce Stories: Business Appraiser Tony Cotrupe and Attorney Jeff Eilender
After a relatively slow start to 2025, the California Privacy Protection Agency (CPPA) is firing on all cylinders now. In recent weeks, the CPPA (i) revised the proposed Delete Request and Opt-out Platform (DROP) regulations...more
WCB Invites Comment on Privacy Issues Related to Text-to-988 Georouting: In this Public Notice (PN) the Wireline Competition Bureau (WCB) within the Federal Communications Commission (FCC or Commission) seeks additional,...more
FCC Solicits Comment on Amending Accessibility Rules for IVCS: In this Further Notice of Proposed Rulemaking (FNPRM) the Federal Communications Commission (FCC or Commission) requests further comment on whether to amend its...more
New Jersey appears poised to become the next state to explicitly add a duty of technology competence to its professional code of ethics. Proposed revisions to the New Jersey Rules of Professional Conduct would, if adopted,...more
On January 15, 2025, the Federal Acquisition Regulatory Council (FAR Council) proposed two significant rule changes that could reshape compliance obligations for government contractors: one establishing standardized...more
One of the Biden Administration’s last healthcare regs was a proposed rule that, if finalized, would make significant changes to the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule to...more
On January 16, the California Privacy Protection Agency extended the public comment period for its proposed rulemaking package to February 19 due to wildfires affecting the state....more
In early January, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking. The Proposed Rule would modify the Security Standards for the Protection of...more
With the HIPAA Security Rule set to undergo a massive overhaul to boost cybersecurity protections, PEOs need to take note. After all, as stewards of worksite employee and client company data – and as sponsors of group health...more
The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more
The Department of Health and Human Services (HHS) has proposed significant modifications to the HIPAA Security Rule and the HITECH Act in an attempt to strengthen cybersecurity protections for electronic protected health...more
On November 15, 2024, the Department of Defense (“DoD”) issued a long-awaited Proposed Rule to implement Section 1655 of the National Defense Authorization Act for Fiscal Year 2019. Section 1655 prohibits DoD from...more
On November 6, 2024, the Transportation Security Administration (TSA) published a Notice of Proposed Rulemaking (NPRM) that would mandate cyber risk management and reporting requirements for certain surface transportation...more
The California Privacy Protection Agency released proposed CCPA rules for a variety of topics in November, as well as announcing an investigative sweep for compliance with the Delete Act. Topics include the following, which...more
The Transportation Security Administration's ("TSA") proposed rule would require owners and operators of certain pipeline, freight railroad, passenger railroad, rail transit, and over-the-road bus ("OTRB") systems to...more
On October 15, 2024, the Department of Defense (DoD) published the final rule for the Cybersecurity Maturity Model Certification (CMMC) Program that not only finalizes the long-anticipated CMMC Rule but also foreshadows what...more
The US Department of Defense (DoD) published a final rule codifying the Cybersecurity Maturity Model Certification (CMMC) Program. The final CMMC rule will apply to all DoD contractors and subcontractors that will process,...more
The U.S. Department of Commerce and U.S. Department of State have been continuously easing restrictions on export-controlled trade between the United States, United Kingdom and Australia to foster technological innovation...more
The United States Department of Defense (DoD) took another big step on the path to instituting its highly anticipated Cybersecurity Maturity Model Certification 2.0 program (CMMC 2.0). Once finalized, CMMC 2.0 will establish...more
By now, companies that collect, process, and store the personal data of consumers are used to a fast pace of state privacy and cybersecurity legal activity. This year, companies should also expect increased activity from...more
On March 15, 2022, the Cyber Incident Reporting for Critical Infrastructure Act of 2022 was signed into law. Generally, CIRCIA requires “covered entities,” defined as entities in certain critical infrastructure sectors, to...more
On January 29, 2024, BIS proposed a rule that would impose new requirements for U.S. providers of Infrastructure as a Service (“IaaS”) products and their foreign resellers. The proposed rule would require U.S. IaaS providers...more
The federal Cybersecurity and Infrastructure Security Agency (CISA) released a draft of its proposed rule detailing how covered entities operating in critical infrastructure sectors report cyberattacks and ransomware payments...more
The US Department of Defense (DoD) has issued a proposed rule to implement its long-awaited Cybersecurity Maturity Model Certification program (CMMC 2.0). This proposed rule — released on December 26, 2023, and published in...more
On December 26, 2023, the U.S. Department of Defense (DoD) published the much anticipated proposed rule for the revamped Cybersecurity Maturity Model Certification (CMMC) 2.0 Program....more