No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
On April 22, 2025, Laura D’Allaird, Chief of the SEC’s Cyber and Emerging Technologies Unit (CETU), participated in the Incident Response Forum Masterclass 2025 (Incident Response Masterclass). In the session, titled “SEC...more
On May 15, 2024 the SEC issued Release Nos. 34-100155; IA-6604 (the “Adopting Release”) providing for amendments to the safeguards and disposal rules of Regulation S-P (the “Amendments”). The compliance dates for the...more
Key Points - - During its 2024 term, the U.S. Supreme Court is poised to provide important guidance on the Private Securities Litigation Reform Act’s (PSLRA’s) particularity requirement in NVIDIA Corp. v. E. Ohman J:or...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
Over the past year, we have seen the various agencies and branches of government issue a slew of rules, guidance, and directives over the use (and misuse) of Artificial Intelligence (AI). In May, the EEOC issued guidance on...more
Welcome to the third edition of our AI Legal News Summer Roundup! After five class actions were filed between June 28 and July 11 (as reported on in our first edition of this series), on July 21, another class action lawsuit...more
Additional Requirements to Go Into Effect June 9, 2023 - As we discussed in our March 3 Advisory, on October 27, 2021, the Federal Trade Commission (FTC) announced revisions (the 2021 Revisions) to its information...more
Final comments were due last week to the Securities and Exchange Commission (SEC)’s proposed cybersecurity risk management rules for registered investment advisers, registered investment companies and business development...more
Welcome to this month's issue of The BR Privacy & Security Download, the digital newsletter of Blank Rome’s Privacy, Security & Data Protection practice. ...more
U.S. Securities and Exchange Commission (SEC) Chair Gary Gensler made remarks on Jan. 24, 2022, at Northwestern University Pritzker School of Law's Annual Securities Regulation Institute regarding the SEC's work to improve...more
On August 30, 2021, the Securities and Exchange Commission (SEC) announced that eight broker-dealers and/or investment advisers will pay civil monetary penalties to resolve enforcement actions arising from cybersecurity...more
CYBERSECURITY - SEC Issues Warning for Advisors and Broker-Dealers on Increased Ransomware Attacks - On July 10, 2020, the Securities and Exchange Commission (SEC), through its Office of Compliance Inspections and...more
Kestra Investment Services LLC (“Kestra”) was fined $125,000 by FINRA for sharing personal customer data with a third-party vendor. Kestra had engaged the vendor to assist newly hired brokers with the transfer of customer...more
On January 27, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) announced its most recent Cybersecurity and Resiliency Observations. This report highlights specific practices that have been, and can be...more
The Cayman Islands recently implemented data protection legislation similar to that adopted elsewhere in the world, including the EU’s General Data Protection Regulation (GDPR). The GDPR forced many businesses outside its...more
The North American Securities Administrators Association (NASAA) this week approved an information security model rule package aimed at improving the cybersecurity posture of the 17,543 state-registered advisers. ...more
It should not be surprising to anyone that cybersecurity and data protection remain top priorities for regulators of the financial services industry. Indeed, cybersecurity has been regularly identified as a key priority by...more
Earlier this month, the Securities and Exchange Commission (“SEC”) took a break from its recent focus on digital assets and the Best Interest fiduciary standard to publish a Risk Alert encouraging investment advisers and...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
The Securities and Exchange Commission is warning investment firms to step up their game when it comes to following the agency’s privacy rules. In a Risk Alert issued by the Office of Compliance Inspections and Examinations...more
The SEC has again signaled that now is the time for investment advisers and broker-dealers to get serious about compliance with Reg. S-P. For years, the SEC’s examination priorities have included a focus on cybersecurity...more
I am hardly saying that SEC Regulation S-P is the sexiest of regulations. I mean, has any customer is history actually read one of those exciting statement stuffers that discloses in some dense font a BD’s privacy policy?...more
On April 16, 2019, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a risk alert, “Investment Adviser and Broker-Dealer Compliance Issues Relating to...more
For the fourth year running, the Securities and Exchange Commission’s Office continues to list cybersecurity as one of the top enforcement priorities for 2019. As it relates to cybersecurity, the SEC will be focusing on...more
Did you know that as an investment advisor you may "own" your clients’ personal data? That’s right; for purposes of Massachusetts’ data privacy regulations, any person or entity that receives, stores, maintains, processes, or...more