How Startups Can Comply With Ever-Changing Privacy Laws
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Rethinking Records Retention
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Ontario’s Information and Privacy Commissioner (IPC) has released a new Privacy Management Handbook (Handbook) aimed at assisting small healthcare organizations to meet their privacy obligations under Ontario’s health...more
Cross-border marketing of products or services by an overseas company (a body corporate incorporated outside of Bermuda) to customers in Bermuda could be construed as carrying on business in Bermuda and, if so, would be...more
On June 17, 2025, the Office of the Privacy Commissioner of Canada (OPC) released a summary of its investigation findings regarding a data breach at 23andMe, which affected nearly seven million customers, including...more
On June 11, 2025, two new pieces of legislation in Alberta came into effect: (1) the Protection of Privacy Act; and (2) the Access to Information Act. Both pieces of legislation are expected to significantly impact...more
The Italian Data Protection Authority (the Garante) has issued its first GDPR fine for, among other breaches, unlawful retention of metadata from employees’ emails and web browsing activities. The decision applies, for the...more
On May 19, 2025, President Trump signed the bipartisan TAKE IT DOWN Act into law. The Act criminalizes the publication of nonconsensual intimate visual depictions of individuals, including AI-generated deepfakes. Threats to...more
Regulations matter, but until they’re enforced, they’re all just so many words (so, so many words) on paper. Businesses know that what really counts is whether, how, where, and when regulators enforce the law....more
In today's world, violations of individual privacy and secret disclosure are a serious problem. It may be eavesdropping, interception, recording, and the spreading of personal information without the consent of the other...more
The California Privacy Protection Agency announced this month that it, along with six other states, will be forming a new group called the “Consortium of Privacy Regulators.” (The other states are Colorado, Connecticut,...more
On March 12, 2025, the Board of the California Privacy Protection Agency (“CPPA”) issued a decision requiring American Honda Motor Co. (“American Honda”) to change its business practices and pay a $632,500 fine for making it...more
It’s not immediately obvious why someone would want to disclose a health care test result as part of a job application. But one such request spurred a Pennsylvania entity to provide a lot more than that: it sent her whole...more
We are moving westward this week from Iowa to Nebraska in our series of articles providing in-depth summaries of state consumer privacy laws taking effect across the nation. Nebraska Governor Jim Pillen (R) signed the...more
Iowa is next up in our series of articles providing in-depth summaries of state consumer privacy laws taking effect across the nation. On March 28, 2023, Iowa Governor Kim Reynolds (R) signed into law Senate File 262...more
Healthcare providers running on thin margins or just seeking new (and in the case of tax-exempt providers, permissible) revenue sources may jump at the chance when third party vendors offer to help them monetize their patient...more
On April 27, 2023, the Washington State governor signed into law the My Health My Data Act or the MHMDA. In spite of the onerous and at times confusing requirements of the MHMDA, the Washington Attorney General (AG) has only...more
In June, Texas became the tenth state with a comprehensive privacy law. The Texas Data Privacy and Security Act (“TDPSA”) contains familiar provisions from other state privacy laws regulating the collection, use, processing,...more
As more states adopt consumer data privacy laws, Nevada and Washington stand out for their recent passage of legislation aimed specifically at protecting “consumer health data.” Both states’ laws are notably broad in their...more
Florida has joined the growing list of states enacting comprehensive privacy laws. Governor Ron DeSantis (R) signed the Florida Digital Bill of Rights (“FDBR”) into law on June 6th. How does it compare?...more
On November 1, 2021, the Personal Information Protection Law of the People’s Republic of China (the “PRC”) (the “Personal Information Protection Law”) went into effect, two months after the Data Security Law of the PRC (the...more
Despite the great strides companies have made to mitigate the risks associated with security breaches, including putting insurance in place to cover those risks, cyber criminals have remained two steps ahead, finding new and...more
Last Friday, China passed the world’s harshest data privacy law, threatening violators with fines of up to 50 million Yuan (or about $7.7 million at the time of publication) or 5% of annual revenue. The Personal Information...more
On June 10, 2021, China adopted a new Data Security Law that will impact every business operating in or doing business with China. The law, which will take effect in less than a month (September 1, 2021), is sweeping in...more
On July 7, 2021, Colorado Governor Jared Polis signed the Colorado Privacy Act (“CPA”) into law, making Colorado the third state to enact comprehensive privacy legislation, following in the footsteps of California and...more
Virginia is now the second state, after California, to pass a comprehensive privacy law. The Consumer Data Protection Act (“CDPA”) will come into effect January 1, 2023 (the same time as the modification to California’s...more
Washington may be the next state to enact its own data privacy law after a bill was introduced into the Washington State Senate earlier this month. Known as the Washington Privacy Act, the bill’s sponsor, Sen. Reuven Carlyle,...more