No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Key Discovery Points: Don’t Get Caught with Your Hand in the Production Cookie Jar
How Startups Can Comply With Ever-Changing Privacy Laws
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Rethinking Records Retention
#Risk New York Speaker Series: The Future of AI Governance in GRC with Matt Kelly
The Privacy Insider Podcast Episode 15: TAKE IT DOWN: Online Abuse and Harassment with Carrie Goldberg of C.A. Goldberg, PLLC
Facial Recognition and Legal Boundaries: The Clearview AI Case Study — Regulatory Oversight Podcast
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
Constangy Clips Ep. 10 - 3 Ways the GDPR Is Evolving with Today’s Tech Landscape
The Privacy Insider Podcast Episode 14: The Pig Around the Corner: Privacy and Trade with Constantine Karbaliotis of nNovation LLP
State AG Pulse | Massive Google Settlement Shows AGs Serious About Privacy
Podcast - What Healthcare Providers Should Be Telling Students and Interns About HIPAA and Snooping
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
CYBERSECURITY - U.S. Retailers Bracing for Scattered Spider Attacks - Google sent out a warning that the cybercriminal group Scattered Spider is targeting U.S.-based retailers. Scattered Spider is believed to have been...more
Financial institutions that use code-based tracking technologies may soon find themselves facing increased scrutiny and legal exposure as the next wave of class action litigation begins. On December 19, 2024, a member of...more
Are you using artificial intelligence in your business operations? Do you have AI embedded in the goods and services you offer customers? The regulatory framework applicable to AI continues to develop, including across US...more
Two recent decisions from the Northern District of California—Shah v. Capital One Financial Corp., No. 24-cv-05985-TLT, 2025 WL 714252 (N.D. Cal. Mar. 3, 2025), and M.G. v. Therapymatch, Inc., No. 23-cv-04422-AMO, 2024 WL...more
It is hard to believe that we are starting the 25th year of the 21st century. The rapid evolution that technology, privacy and data security have undergone these last 25 years is mindbending. Yet, as we enter 2025, it still...more
The act of predicting what will become the dominating storyline of data privacy and cybersecurity in 2025 is a hazardous enterprise, as one is almost surely to get something wrong. Without fail, every year, regulators and the...more
Overview - In 2024, lawsuits targeting companies for their use of commonly deployed digital tracking technologies, such as pixels, and session replay tools proliferated. Frequently used on apps and websites, tracking...more
Businesses continue to be subjected to a steady stream of consumer class action lawsuits alleging improper collection or disclosure of information from their websites. A variety of laws and legal claims are used to support...more
In a significant move to enhance consumer privacy and promote transparency in digital practices, the New York State Attorney General recently published two critical guides: “Website Privacy Controls: A Guide for Business” and...more
New York Attorney General Letitia James recently released guidance for businesses and consumers about website tracking technologies. The consumer guide provided examples of common cookies, tracking technologies, and how...more
Data privacy-related lawsuits have skyrocketed in recent years. Federal courts saw over 900 data privacy dockets in 2020 – but witnessed a surge to 1,767 dockets in 2023. At the halfway point in 2024, federal court data...more
On June 20, 2024, the United States District Court for the Northern District of Texas ordered the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) to vacate its guidance that had restricted...more
Last week, in a significant win for the American Hospital Association plaintiff, the U.S. District Court for the Northern District of Texas issued an opinion vacating the Department of Health and Human Services’ (“HHS”)...more
Much of the focus on US privacy has been US state laws, and the potential of a federal privacy law. This focus can lead one to forget, however, that US privacy and data security law follows a patchwork approach both at a...more
The U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) has, as part of its mandate, the responsibility to enforce the Health Insurance Portability and Accountability Act (HIPAA) Security Rule....more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
To celebrate Data Privacy Day (January 28), we present our top ten data privacy and cybersecurity predictions for 2024. 1. AI regulations to protect data privacy. Automated decision-making tools, smart cameras, wearables,...more
On November 2, 2023, the American Hospital Association and Texas Hospital Association, in conjunction with the Texas Health Resources and United Regional Health Care System, filed suit against the Secretary of the Department...more
Online tracking technologies, such as pixels, have become a common feature of the modern web and app ecosystem. Pixels and other online tracking technologies may be configured to collect user data about website visits,...more
What You Need To Know In A Minute Or Less - The rise in session replay litigation has paved the way for a new wave of website privacy lawsuits: pixel tool litigation. Plaintiffs have increasingly challenged the use of this...more
Efforts to Address the Lack of Federal Data Privacy Legislation in the U.S. Have Continued - The need for federal data privacy legislation was reiterated in the House Energy and Commerce Committee’s Subcommittee on...more
Health care providers should evaluate their use of “tracking technologies” on their websites and mobile applications (apps) for compliance with HIPAA. On December 1, 2022, the Office for Civil Rights (OCR) issued a bulletin...more
In a December 2022 bulletin published by the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS), HHS made clear that the use of third-party tracking technologies by covered entities and business...more
Thomas Vaughn is the current Chief Information Security Officer (CISO) of the City of Tallahassee and the former CISO of Florida. A kindhearted introvert who began his cybersecurity career in the Army and then the U.S. Coast...more
While presenting this week at the DRI Cybersecurity and Data Privacy Virtual Seminar, I outlined many of the issues currently impacting data security around the world. Here are some key points:.....more