A Less is More Strategy for Data Risk Mitigation
Data Retention and Document Holds
Healthcare Document Retention
The NYDFS Updates Its Stringent Cybersecurity Regulations. Is This a Bellwether of Coming Industry Change? - The Consumer Finance Podcast
Spring Cleaning for Legal Teams: The Cloud and Defensible Deletion of Data
M365 in 5 – Part 7: Teams Audio/Video (A/V) Conferencing
M365 in 5 – Part 6: Teams Channels – The virtual collaboration workspace
M365 in 5 – Part 5: Teams Chats – Modern communications
M365 in 5 – Part 4: Teams – An introduction to collaboration
M365 in 5 – Part 3: OneDrive for Business – Protected personal collaboration
M365 in 5 – Part 2: SharePoint Online – The new file-share environment
M365 in 5 – Part 1: Exchange Online – Not just a mailbox
Sitting with the C-Suite: Information Governance and eDiscovery - Key Compliance Issues for In-House Counsel
Sitting with the C-Suite: Trial Teams – Narrowing Data through Centric Search
Sitting with the C-Suite: Normalizing Business Practices through Litigation Data
Compliance Perspectives: Regulatory Conflicts in Data Privacy Laws
Jones Day Presents: Effect of GDPR, CCPA, and FTC on Blockchains
[WEBINAR] Public Records Act - Taming the Email Tiger
E14: The Three Pillars of GDPR
Three Key Data Retention Questions
A “low rumple,” followed by a “metallic ‘squink,’” a “mysterious ‘glonk,’” and someone yelling “Dear God!” After over-thinking an ill-timed throat-clearing by a board member of the Susan Ross Foundation, a paranoid and...more
Hawaii’s State Data Office recently issued a series of guidance documents for its state agencies on how to handle artificial intelligence. This includes guidance on data protection, data retention and use of Generative AI....more
The Federal Trade Commission (FTC or Commission) announced long-awaited amendments to the Children’s Online Privacy Protection Act Rule (COPPA Rule) on January 16, 2025, marking the first changes to the COPPA Rule since 2013....more
As we step into 2025, data privacy laws in the United States are evolving rapidly. With eight new state privacy laws taking effect, businesses face an increasingly complex web of compliance obligations—even in states without...more
Many employers have turned to geolocation tools like GPS devices to monitor employees’ whereabouts and movements – especially those working remotely or in field-based roles. While these tools provide an effective way to boost...more
On January 3, 2025, India’s Ministry of Electronics and Information Technology ("MeitY") released the Draft Digital Personal Data Protection Rules, 2025 ("Draft Rules") for public comment. The primary aim of these Draft Rules...more
The Italian Data Protection Authority has adopted an updated version of a guideline document on email retention that it originally issued in December 2023, but which had been suspended....more
Introduction - Below is a brief outline of the legal regulation of personal protection in Ukraine. Governing Data Protection Legislation - 2.1. Overview of principal legislation - The main legal act governing...more
The Masters Conference in Washington, DC, on April 17th, 2024, was a bustling event with crowded sessions throughout the day. The agenda featured a diverse range of topics, such as Modern Data, Link Files, eDiscovery Case...more
Introduction - As a federal state with law-making powers shared between federal and provincial/territorial governments, Canada has both federal and provincial/territorial privacy laws that govern the private and public...more
In Argentina, data protection is governed by comprehensive legislation aimed at safeguarding individuals' personal data. Below you will find an outline of the key aspects including governing legislation, exploring their scope...more
On February 1, 2024, the Federal Trade Commission (FTC) announced that it had reached a proposed settlement with that would require Blackbaud Inc. (“Blackbaud”) to delete personal data it does not need to retain and upgrade...more
Generative artificial intelligence legal applications have arrived. They include everything from automated contract drafting to effective on-demand clause-level search. And more are coming to the market every day. But are...more
On December 20, 2023, the Federal Trade Commission (FTC or Commission) issued a Notice of Proposed Rulemaking (Notice) recommending amendments to the Children’s Online Privacy Protection Rule (COPPA Rule or Rule). The FTC...more
On September 12, 2023, Delaware became the 13th state to adopt a consumer data privacy act, joining Florida, another state to recently adopt consumer privacy laws, and others in providing resident consumers with rights...more
Editor’s note: This post was originally published in October 2020 and has been updated for accuracy and comprehensiveness. They say more is better. And that’s true in many cases, but not when we’re talking about a stockpile...more
Organizations collect and store data for all kinds of reasons, from understanding their customers and anticipating market changes to measuring their performance over time and making strategic business decisions. But as...more
Data is the lifeblood of your organization. It sets the foundation for new business initiatives, workflows, and innovations. As it grows exponentially, its value also grows immeasurably—that is, if it is effectively managed....more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
What data can companies collect, and how long can they keep it? Our Privacy, Cyber & Data Strategy Team outlines best practices for companies to comply with international, federal, and state laws and guidance to avoid...more
The British Virgin Islands ("BVI") Data Protection Act, 2021 ("DPA") came into force on 9 July 2021. It was introduced so the BVI would have a data protection framework which is broadly similar to EU and UK standards. To...more
When it comes to ensuring enterprise data is safe, understanding recent rulings from different regulatory bodies and how they affect your organization is a vital first step, followed by reasonable measures to further...more
In the not-so-distant past, data risk was primarily seen as a technology challenge. How can organizations store all the data they accumulate? How can they sort and analyze it? How can they protect it from exfiltration by...more
Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more
Companies and consumers alike are under perpetual assault from bad actors as IoT, work from home, and cloud migration – all intended to improve productivity – have expanded the cyber attack surface. The continually evolving...more