When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Uncovering Hidden Risks: Ep 13 - Unveil Data Security Paradoxes
Orrick Partner Beth McGinn joins RegFi co-hosts Jerry Buckley and Sasha Leonhardt for our second episode focused on the proposed American Privacy Rights Act and its potential impact on the financial services industry. Beth...more
Hackers are now weaponizing the SEC’s cyber disclosure rules as a new way to pressure corporations. You may recall that the Securities and Exchange Commission has new rules for timely disclosure of cyberattacks. One major...more
Cyber incidents are among the fastest-growing existential threats to publicly traded companies. More than a technical headache, breaches can materially impact your bottom line—and the mere news of an incident can send stocks...more
On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a...more
Nelson Mullins invites you to the two-day webinar, Creating a Data Privacy & Security Playbook for 2024: An Overview of Compliance and Regulations, AI, and Data Breach Concerns, on Feb. 7 and 8 in honor of Privacy Day...more
Our Securities Litigation, Securities, and Privacy, Cyber & Data Strategy teams outline vital takeaways for public companies and their directors and officers in light of the Securities and Exchange Commission’s recent civil...more
On October 11th, our Data, Privacy and Security team hosted the 10th Annual Cybersecurity & Privacy Summit. We were delighted to be joined by about 100 clients, colleagues, and friends in-person at our Atlanta office, with...more
The Securities and Exchange Commission (“SEC”) adopted the final rules (the “Final Rules”) on July 26, 2023 that will require disclosure of material cybersecurity incidents, cybersecurity risk management, strategy, and...more
Boards of Directors for public companies across the country are likely to be taking stock of their companys’ cybersecurity practices and strategies after the Securities and Exchange Commission’s adoption of the Cybersecurity...more
On July 26, the Securities and Exchange Commission (“SEC”) finalized a much anticipated rule addressing cybersecurity risk management, strategy, governance, and incident disclosure. Public companies registered with the SEC...more
“Material Cybersecurity Incident” Standard Will Have a Monumental Impact on Current Cyber Disclosure Requirements - On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) adopted the Cybersecurity Risk...more
On July 26, 2023, the SEC adopted final rules that require public companies to promptly disclose material cybersecurity incidents on Form 8-K and detailed information regarding their cybersecurity risk management and...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted new rules requiring public companies to disclose within four business days material cybersecurity incidents they experience and to disclose annually...more
The SEC has recently voted on new rules that will require companies to disclose material cybersecurity incidents within four days and to make disclosures about their broad cybersecurity risks in their annual report. Tom Fox...more
In Webb v. Injured Workers Pharmacy, LLC, the First Circuit recently reversed a lower court’s dismissal of class action claims brought by former pharmacy patients alleging that their sensitive personal information had been...more
The Securities and Exchange Commission (SEC) finalized cybersecurity rules this week for public companies centered on disclosure requirements for material cybersecurity incidents, as well as periodic reporting regarding...more
At an Open Meeting on July 26, 2023, the US Securities and Exchange Commission (SEC) adopted final rules and amendments that impose new cybersecurity-related disclosure requirements for public companies subject to the...more
In yet another indication of the increasing weight being given by government officials to cybersecurity, on July 26, 2023, the Securities and Exchange Commission adopted new rules requiring public companies to disclose...more
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies. The rules, which will become effective thirty days after publication in...more
Come December 2023, public companies will have a very narrow window to report cybersecurity incidents that materially affect their companies. Companies will also have to report annually how they assess and manage...more
In remarks to the audience at a Financial Times summit earlier this month, Gurbir Grewal, SEC Director of Enforcement, citing a recent poll from Deloitte, observed that over “a third of executives reported that their...more
Amazon Sued for Not Telling New York Store Customers about Tracking Biometrics - “Thanks to a 2021 law, New York is the only major American city to require businesses to post signs letting customers know they’re tracking...more
A recent significant enforcement action brought by the U.S. Securities and Exchange Commission against Blackbaud Inc. highlights the importance of public companies maintaining disclosure controls and procedures relating to...more
President Biden signed into law the Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) on March 15, 2022. The enactment of CIRCIA follows attacks on critical infrastructure, such as the May 2021...more
The SEC has issued proposed rules on disclosure of cybersecurity incidents. Specifically, the SEC is proposing to: Amend Form 8-K to add Item 1.05 to require registrants to disclose information about a cybersecurity...more