Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Compliance into the Weeds: Unsexy Keys to Data Analytics for Compliance Programs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
A Less is More Strategy for Data Risk Mitigation
All in the Family: What’s Next for Cloud Attachments in eDiscovery?
Podcast - Bowling with Bumpers: Using a Privacy Framework to Set Your Company Up for a Strike
A Sneak Peek into Data Mapping: What Implementation Really Looks Like
It's Time to Think About Data Mapping Differently
Monumental Win in Data Breach Class Action: A Case Study — The Consumer Finance Podcast
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 15: eDiscovery for Employers with Angela O’Neal, Nextra Solutions Director
Calculating eDiscovery Costs: Tips from Brett Burney
Work This Way: A Labor & Employment Law Podcast - Episode 6: Digital Forensics & Protecting Trade Secrets with Clark Walton
Managing Large Scale Review Efficiency: Tips From a GC
Record Retention and Information Governance
The Great Link Debate and the Future of Cloud Collaboration
Data Driven Compliance - Malcolm Hawker and Fit for Purpose Data
Review Analytics for a New Era
Data Governance for the BYOD Age
Early in the new year, the US Food and Drug Administration (FDA) released two anticipated draft guidance documents focused on artificial intelligence (AI): Artificial Intelligence-Enabled Device Software Functions: Lifecycle...more
On September 6, 2024, the U.S. Department of Labor (DOL) issued Compliance Assistance Release No. 2024-01, titled “Cybersecurity Guidance Update.” The updated guidance clarifies that the DOL cybersecurity guidance applies to...more
On May 24, 2023 (or as we like to call it, the eve of GDPR’s 5th birthday), the UK’s data protection body, the Information Commissioner’s Office (the ICO), published a new guide for employers on responding to data subject...more
Summary - The Departments of Labor, Health and Human Services, and the Treasury have issued guidance on how health plans and insurers may attest to their compliance with the anti-gag rules of the Consolidated...more
Today, after months of rumors regarding its release and contents, the White House issued its National Cybersecurity Strategy “to secure the full benefits of a safe and secure digital ecosystem.” The full strategy is 39 pages...more
Stay on top of the latest in research compliance - Do you want to learn: - Current best practices for building and maintaining a research compliance work plan? - How to better shift your program’s research focus in...more
CYBERSECURITY NIST - Releases Guidance on Supply Chain Security - The National Institute of Standards and Technology (NIST) Information Technology Laboratory recently released guidance entitled “Software Supply Chain...more
Last Friday, the Office of Foreign Assets Control (OFAC) published more targeted guidance for digital asset companies related to compliance with sanctions and best practices for mitigating risks. This guide comes on the heels...more
On September 21, 2021, the U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) issued an updated advisory outlining the risks involved with facilitating ransom payments to malicious actors conducting...more
The European Commission (“EC”) has long sought to improve data privacy for Europeans, even when they interact with global or non-European companies. Laws like the General Data Protection Regulation (or “GDPR”) seek to...more
The federal Cybersecurity and Infrastructure Security Agency (CISA) released a few cybersecurity “bad practices” this week to assist in decreasing the volume of knowable and preventable cyber mistakes. These bad practices are...more
The Department of Labor recently issued cybersecurity guidance to retirement plans. The department’s Employee Benefits Security Administration (EBSA) issued guidance in three areas: (1) hiring and working with vendors and...more
On November 10, 2020, the European Data Protection Board (“EDPB”) issued highly anticipated guidance intended to clarify how data exporters could legally transfer data to “third countries” under GDPR following the Schrems II...more
The European Data Protection Board (EDPB) and a number of European data protection supervisory authorities have recently issued guidance on processing personal data, including special categories of personal data (i.e., health...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more
The Securities and Exchange Commission recently published a set of observations designed to assist financial market participants. While not legally binding, the observations are guideposts for investment companies, securities...more
On January 6, 2020, Andrew Smith, Director of the Federal Trade Commission (FTC) Bureau of Consumer Protection, announced three significant improvements to the FTC’s approach to data security enforcement cases....more
The SEC, through its Office of Compliance Inspections and Examinations (“OCIE”), recently issued its most detailed cyber guidance to date. OCIE had previously issued several cybersecurity risk alerts over the past few years....more
The SEC has issued new guidance it believes will assist public companies both in assessing materiality and in drafting disclosure related to risks to technology and intellectual property that may result from conducting...more
As the issues surrounding data protection become increasingly complex, in recent years the advisory guidelines (Guidelines) issued by the Personal Data Protection Commission of Singapore (PDPC) have been invaluable in guiding...more
Report on Research Compliance 16, no. 12 (December 2019) - NIH is seeking comment on a proposed policy for data management and sharing, as well as two related guidance documents that together seek to “promote effective and...more
EU Court Allows Class Action to Proceed, Sets Precedent for Future Data Breach Class Actions - A class action brought against Google will be allowed to move forward after the plaintiff’s appeal was permitted, allowing him to...more
On October 17, the Spanish data protection authority (AEPD) published the Guide to Privacy by Design (Guide). While Privacy by Design (PbD) first became a legal requirement in the EU with implementation of the General Data...more
The EDPB’s new Guidelines on Article 6(1)(b) may severely limit e-commerce business’ ability to enhance data processing by unilaterally defining contractual services....more
Anonymisation has always been (and still is) a real challenge for those carrying out clinical research. To shed some light on this matter, the Medical Research Council (MCR) – which is part of UK Research and Innovation – has...more