No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
On June 19 2025, the Information Commissioner’s Office (ICO) published guidance on the Data (Use and Access) Act 2025 (DUAA), which received Royal Assent on the same day. The DUAA introduces significant changes to the UK data...more
The European Data Protection Board recently published its draft Guidelines 02/2025, which remain open to consultation until 09 June 2025. Stakeholders in the blockchain industry are encouraged to submit any observations...more
Ontario’s Information and Privacy Commissioner (IPC) has released a new Privacy Management Handbook (Handbook) aimed at assisting small healthcare organizations to meet their privacy obligations under Ontario’s health...more
China’s primary data regulator, the Cyberspace Administration of China (CAC), released two sets of Q&As with respect to exporting data from China, one in April and one in May. The questions were selected from those raised...more
In anticipation of the June 20, 2025, effective date of the New York Child Data Protection Act (NYCDPA), the Office of the New York State Attorney General (OAG) recently released implementation guidance that provides critical...more
On June 4, 2025, the Digital Advertising Alliance (“DAA”), the self-regulatory body that sets and enforces privacy standards for digital advertising, announced it is launching a process to determine if it is necessary to...more
In April, the Office of the Connecticut Attorney General (OAG) released an updated enforcement report under the Connecticut Data Privacy Act (CTDPA) to highlight privacy enforcement actions taken in 2024....more
The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of...more
On 15 April 2025, the Hong Kong Government’s Digital Policy Office published the Hong Kong Generative Artificial Intelligence Technical and Application Guideline (“Guideline”), which aims to provide operational guidance for...more
Businesses with employees in Hong Kong should be aware of new guidelines aiming to help companies develop policies on generative AI use in the workplace. Although the new guidelines are not binding, they are meant to align...more
On 15 April 2025, the Digital Policy Office (DPO) of the Hong Kong Government published the Hong Kong Generative Artificial Intelligence Technical and Application Guideline (Guideline), seeking to encourage stakeholders in...more
As cyberattacks and cybercriminals are becoming increasingly sophisticated, safeguarding employee benefit plans, including health and welfare plans, is crucial. The Employee Benefits Security Administration of the U.S....more
On April 11, 2025, the U.S. Department of Justice’s National Security Division (NSD) issued a Compliance Guide to provide additional information to assist companies and individuals in complying with the NSD’s Data Security...more
On April 11, the Department of Justice's National Security Division (NSD) published new guidance on recent measures to restrict the ability of adversarial foreign governments and other foreign entities of concern to access...more
New DOJ guidance helps companies understand their obligations under the DSP, which could severely impact investment agreements and ordinary commercial data transactions. On April 11, 2025, the US Department of Justice...more
On January 8, 2025, the U.S. Department of Justice (“DOJ”) issued its final rule to implement Executive Order 14117 aimed at preventing access to Americans' bulk sensitive personal data and government-related data by...more
On April 11, 2025, the National Security Division (NSD) of the Department of Justice issued a press release (Press Release) that outlines its approach to implementing and enforcing the DOJ’s recent final rule on “Preventing...more
In a Press Release issued April 11, 2025, the U.S. Department of Justice (“DOJ”) indicated that it would prioritize “facilitating compliance” over civil enforcement actions for the first 90 days of its new US-China data...more
On April 11, 2025, the Department of Justice (“DOJ”) released additional detail regarding the Final Rule implementing former President Biden’s Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal...more
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
Starting April 3, Ohio hospitals will have to navigate new requirements under House Bill 173. This law mandates greater transparency in healthcare pricing. It also includes rules for selling or targeted advertising related to...more
The New Jersey AG and the Division on Civil Rights’ new guidance on algorithmic discrimination explains how AI tools might be used in ways that violate the New Jersey Law Against Discrimination. The law applies to employers...more
Early in the new year, the US Food and Drug Administration (FDA) released two anticipated draft guidance documents focused on artificial intelligence (AI): Artificial Intelligence-Enabled Device Software Functions: Lifecycle...more
In a significant move to regulate the growing impact of artificial intelligence, Oregon lawmakers recently passed Senate Bill 1571, requiring campaigns to disclose when they use AI to manipulate audio or video images,...more
Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more