Podcast: Addressing Patient Complaints About Privacy Violations
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Top Healthcare Compliance Priorities for 2025
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
Podcast - Who Owns Your DNA? Lessons Learned from 23andMe
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Episode 366 -- DOJ Issues Data Security Program Requirements
The Privacy Insider Podcast Episode 13: Preserving Privacy and Social Connection with Christine Rosen of the American Enterprise Institute
AI in Employment: Navigating the Legal Landscape with Lessons from I, Robot — The Good Bot Podcast
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye
Fintech Focus Podcast | Responding to a Cyber Attack – Key Considerations for GCs and CISOs
In today’s hybrid and remote work environment, organizations are increasingly turning to digital employee management platforms that promise productivity insights, compliance enforcement, and even behavioral analytics. These...more
As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more
Hogan Lovells and the AI Health Care Coalition recently hosted their fourth annual AI Health Law & Policy Summit, where thought leaders and policymakers gathered to discuss a variety of topics including data and privacy...more
On May 19, the GAO published a report discussing the use and oversight of AI in financial services. The report highlighted the benefits of AI, such as improved efficiency, reduced costs, and enhanced customer experience,...more
Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more
The Cross Market Operational Resilience Group's (CMORG) AI Taskforce has released its AI Baseline Guidance Review (dated January 2025), accompanied by a press release. The CMORG AI Taskforce conducted a baseline review of...more
On 15 April 2025, the Hong Kong Government’s Digital Policy Office published the Hong Kong Generative Artificial Intelligence Technical and Application Guideline (“Guideline”), which aims to provide operational guidance for...more
Banks of all sizes must confront the rapid integration of artificial intelligence within their institutions (and everywhere, for that matter). AI tools are already widely used, often without proper oversight, as employees and...more
AI is transforming the life sciences industry by accelerating drug discovery and personalizing patient care. But as companies increasingly rely on AI to process genetic, biometric, and other types of health data, they must...more
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
During the 2024 legislative session, the Colorado General Assembly passed Senate Bill 24-205, which is known as the Colorado Artificial Intelligence Act (CAIA). This law will take effect on February 1, 2026, and requires...more
Governance, risk, and compliance (GRC) can feel like thankless work at times. You can’t ship risk mitigation to market. It's not usually reflected on your balance sheet. Only especially canny investors notice the absence of...more
Artificial intelligence (AI) is rapidly reshaping the digital health sector, driving advances in patient engagement, diagnostics, and operational efficiency. However, for Privacy Officers, AI’s integration into digital health...more
On April 14, 2025, the National Institute of Standards and Technology (“NIST”) released draft updates to the NIST Privacy Framework, designed to address current privacy risk management needs, enhance usability, and align the...more
On 15 April 2025, the Digital Policy Office (DPO) of the Hong Kong Government published the Hong Kong Generative Artificial Intelligence Technical and Application Guideline (Guideline), seeking to encourage stakeholders in...more
After years of regulatory uncertainty, the Trump administration has signaled a new approach to digital assets, including by establishing a working group focused on digital assets and nominating crypto-friendly chairs to the...more
The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more
U.S. organizations should carefully review and ensure their privacy and cybersecurity practices comply with a wide-ranging new federal rule establishing data transfer restrictions regarding sensitive U.S. personal data. The...more
On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates...more
The 1:10:100 rule—coined in 1992 by George Labovitz and Yu Sang Chang, the rule describes how much bad data costs. Preventing the creation of bad data at its source costs $1. Remediating bad data costs $10. Doing nothing...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
Unlock a New Era of Customer Risk Assessment - Legacy customer risk rating (CRR) models—built on static KYC data and subjective judgment—are no longer sufficient in a world of dynamic threats and tightening regulatory...more
The Trump Administration's policies on artificial intelligence (AI) have been shaped by an executive order (EO) and two memoranda aimed at promoting the use of AI in government operations while ensuring safety, security and...more
ComplexDiscovery Editor’s Note: Emotional bonds with AI are no longer speculative—they’re shaping user behavior and redefining the risks legal professionals must address. This thoughtful exploration of artificial intimacy...more
In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more