Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
The Health Insurance Portability and Accountability Act of 1996, as amended by the Health Information Technology for Economic and Clinical Health Act, and the regulations promulgated thereunder (collectively “HIPAA”) is a...more
Unlike Europe’s comprehensive General Data Protection Regulation framework, the United States still lacks an all-encompassing data privacy statute. Instead, data centers operating in the United States must navigate a complex...more
On June 5, 2025, the UK’s Information Commissioner’s Office (ICO) fined 23andMe £2.31 million (~$3.1 million). The fine was for failing to implement adequate security measures to protect the personal data of over 155,000 UK...more
Unlike other sectors, US healthcare businesses must reconcile cost-saving strategies with stringent compliance obligations, especially when patient data crosses national borders or is accessed overseas....more
What new guidance on anonymisation from the UK Information Commissioner’s Office (ICO) means for healthcare and life sciences companies....more
On June 22, 2025, Texas Governor Greg Abbott signed into law the Texas Responsible Artificial Intelligence (AI) Governance Act (Texas AI Act). The Texas AI Act adopts a unique approach to regulating AI that has not been...more
On June 12 2025, the French supervisory authority (CNIL) requested public comments on the draft recommendations on the use of tracking pixels in emails (Draft Recommendations)....more
On June 18, 2025, the U.S. District Court for the Northern District of Texas invalidated provisions of the HIPAA Privacy Rule To Support Reproductive Health Care Privacy (2024 Rule) in the case of Purl v. United States Dep’t...more
On June 22, 2025, Governor Abbott signed the Texas Responsible Artificial Intelligence Governance Act (TRAIGA), which will take effect January 1, 2026. Any business or government agency working with AI in Texas should take...more
The European Data Protection Board recently published its draft Guidelines 02/2025, which remain open to consultation until 09 June 2025. Stakeholders in the blockchain industry are encouraged to submit any observations...more
Artificial intelligence (AI) is rapidly transforming the media and entertainment industry. Once viewed by many as a threat, AI is increasingly being embraced as a powerful tool. Studios and tech-forward production companies...more
On 19 June 2025, CNIL published two additional “how-to-sheets” on artificial intelligence, one on legitimate interest and the other on the collection of data via web scraping. These documents aim to clarify the rules...more
On June 18, 2025, the U.S. Food and Drug Administration (“FDA”) announced an immediate review of new clinical trials that export American citizens’ biological materials to countries of concern, such as China, for genetic...more
Cyber regulations are crucial for the protection of individuals and businesses and aid in risk minimization; failure to comply with these regulations can result in severe consequences such as financial penalties, legal...more
The Texas Responsible Artificial Intelligence Governance Act (TRAIGA), which was signed into law by Governor Greg Abbott on June 22, 2025, and is effective January 1, 2026, establishes a framework for regulating the...more
The Spanish Data Protection Authority (“AEPD“) has published its 2024 annual report, which includes the AEPD’s awareness-raising activities; the collaboration and inspection activities of the Spanish authorities; relevant...more
Texas has taken a significant step in regulating artificial intelligence (AI) with the passage of House Bill (HB) 149 and Senate Bill (SB) 1188. Signed into law on June 22, 2025, and effective Jan. 1, 2026, HB 149 – formally...more
Welcome to the Summer 2025 issue of Blakes Data Governor, published by the Blakes Privacy & Data Protection group. Blakes Data Governor provides actionable insights and practical overviews of recent developments impacting...more
On 19 June 2025, CNIL published two additional “how-to-sheets” on artificial intelligence, one on the legitimate interest and the other on the collection of data via web scraping. These documents aim to clarify the rules...more
Orrick Partners Matthew Coleman and Jeanine McGuinness join RegFi co-hosts Jerry Buckley and Sherry Safchuk to explore the implications of the Justice Department’s recent issuance of a final rule prohibiting and restricting...more
Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency’s Artificial Intelligence Security Center (NSA AISC), and the FBI have issued new AI data security guidelines. These new guidelines are aimed...more
Cross-border marketing of products or services by an overseas company (a body corporate incorporated outside of Bermuda) to customers in Bermuda could be construed as carrying on business in Bermuda and, if so, would be...more
In Part One of this FAQ series, we break down Virginia's Senate Bill 754, Consumer Protection Act; prohibited practices, etc., reproductive or sexual health information (Act), which amends the Virginia Consumer Protection Act...more
China’s primary data regulator, the Cyberspace Administration of China (CAC), released two sets of Q&As with respect to exporting data from China, one in April and one in May. The questions were selected from those raised...more
Employers' access to, and retention of, employee medical information can be fraught with legal risk. Even the most seasoned HR professionals have trouble navigating the complex rules and regulations governing employee medical...more