Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
A Blueprint for Efficient SRRs: Mastering Your Subject Rights Workflow
What is the CCF?
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — Hiring to Firing Podcast
A Less is More Strategy for Data Risk Mitigation
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Weathering the 2025 Whirlwind: How to Keep Calm & Carry On
No Password Required Podcast: Chief Product Officer at ThreatLocker and Advocate of Buc-ee’s, Mascots, and Buc-ee Mascots
Compliance Tip of the Day: AI for Whistleblower Anonymity
Why Privacy Matters to Your Business and What's in Store for 2025
CFPB's Inquiry Into Payments Privacy — Payments Pros – The Payments Law Podcast
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 223: Cybersecurity and Privacy Risks with Healthcare Vendors with Brandon Robinson of Maynard Nexsen
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
On 14 February 2025, the Cyberspace Administration of China (“CAC”) issued the “Administrative Measures for Personal Information Protection Compliance Audits” (the "Measures"), which will take effect on 1 May 2025. The...more
Life sciences companies have long been outside the scope of US national security regulations and benefited from significant exemptions under US privacy laws. ...more
A new U.S. federal rule restricts bulk sharing of sensitive personal information and governmental information with certain countries, for some key industries. In December 2024, the Department of Justice issued a comprehensive...more
In the final days of the Biden administration the U.S. Department of Justice (DOJ) issued a sweeping set of regulations which are in effect as of yesterday, April 8, 2025. The regulations focus on cross-border data transfers...more
The cross-border transfer of personal information (hereinafter referred to as “PI,” and such transfers as “PI export”) is a routine and often essential part of business operations for companies in China—particularly...more
The US Department of Justice’s (DOJ’s) Final Rule on preventing access to US sensitive personal data, published in the Federal Register on January 8, 2025, will prohibit or significantly restrict the transfer of or other...more
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
The instant popularity of China’s DeepSeek-V3 generative artificial intelligence model underscores why companies should craft stronger GenAI policies that minimize the risks of employees exposing sensitive data, violating...more
Artificial intelligence (AI) has made enormous strides in recent years and has increasingly moved into the public consciousness. Explore Trendscape Our take on the interconnected global trends that are shaping the business...more
Everyone is talking about DeepSeek for its increase performance and efficiency. However, with that comes additional risks, as DeepSeek is subject to Chinese national law, and there are still many unanswered questions...more
The PRC Personal Information Protection Law (PIPL) mandates regular data compliance audits. Following a consultation period beginning in August 3, 2023, the Cyberspace Administration of China (CAC) issued the Measures for...more
On February 14, 2025, the Cyberspace Administration of China ("CAC") finalized the "Personal Information Protection Compliance Audit Measures" ("Audit Measures"), which refines the draft version released on August 3, 2023...more
The Evolving Role of AI/ML in Healthcare - The use of artificial intelligence/machine learning (AI/ML) in healthcare is evolving rapidly and introducing new challenges. Not only are medical devices using AI for diagnostics,...more
On January 3, 2025, the Cyberspace Administration of China (the “CAC”) released the Draft Measures for Personal Information Protection Certification for Cross-Border Data Transfers (the “Draft Measures”) for public comment....more
Chinese data regulators are intensifying their focus on the data protection compliance audit obligations under the Personal Information Protection Law (“PIPL“), with the release of the Administrative Measures for Personal...more
A groundbreaking new regulatory regime, imposing rules unlike any in existing U.S. law, may surprise many companies due to its sudden adoption and complexity. This article tries to simplify the changing regulatory landscape,...more
Late last week, a new generative AI large language model called DeepSeek was publicly launched by two Chinese entities, the Hangzhou and Beijing DeepSeek Artificial Intelligence Cos. Ltd. DeepSeek is currently driving...more
On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
In a much-anticipated decision, the U.S. Supreme Court on Jan. 17, 2025, rejected TikTok's appeal and upheld the Protecting Americans from Foreign Adversary Controlled Applications Act (Act). The act, which was signed into...more
The Regulations, which took effect on January 1, 2025, reiterate and clarify existing requirements and introduce new ones on privacy and network data security....more
The U.S. Department of Justice (“DOJ”) published its final rule (“Final Rule”) on January 8, 2025, that will prohibit or restrict transfer of certain data of U.S. persons to countries of concern, including to China. The Final...more
On 3 January 2025, the Cyberspace Administration of China (“CAC“) released for public consultation the draft Measures for Certification of Personal Information Protection for Cross-Border Transfer of Personal Information...more
On 30 September 2024, the State Council of the People's Republic of China published the Network Data Security Management Regulations (the “Regulations”).1 These Regulations finalise the Draft Regulations released for public...more
The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more