Healthcare Enterprise Risk Management
Understanding MALPB Charters: A Collaborative Approach to Banking Innovation — Payments Pros – The Payments Law Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — Regulatory Oversight Podcast
The fatal flaws in the 2023 CRA rule
Evolving AI Legislation: Federal Policies, Task Forces, and Proposed Laws — The Good Bot Podcast
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
From Cell Phones to Tractors: The Right to Repair Movement Drives On — Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight - Regulatory Oversight Podcast
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
Solicitors General Insights: A Deep Dive With Mississippi and Tennessee Solicitors General — Regulatory Oversight Podcast
Leadership and Innovation at the Illinois AG's Office — Regulatory Oversight Podcast
Navigating the Future of Payment Stablecoins: Legislative Updates and Market Implications — Payments Pros – The Payments Law Podcast
Shifting Gears: Adapting to Regulatory Changes in Auto Finance — Moving the Metal: The Auto Finance Podcast
State AG Pulse | “Don’t Mess With Our Health or Our Kids!”
Podcast - FTC Commissioner Dismissals: Background and Implications
State AG Pulse | With the Reshaping of Government, More Power To State AGs
The Future of Auto Dealership Compliance: A Conversation With Tom Kline — Regulatory Oversight Podcast
State AG Pulse | DEI in the Federal and State Spotlight
The People's Protector: A Conversation With AG Jason Miyares — Regulatory Oversight Podcast
Bipartisan Leadership and Reform at NAAG: Insights From Brian Kane — Regulatory Oversight Podcast
Brazil intends to regulate AI through Bill No. 2,338/2023 ("Brazil's Proposed AI Regulation"), although there are currently no specific codified laws, statutory rules or regulations in Brazil that directly regulate AI....more
In this crossover episode of The Consumer Finance Podcast and Regulatory Oversight, Chris Willis, Kim Phan, and Stephen Piepgrass provide insights on a new joint privacy task force among several state AGs, known as the...more
On May 8 2025, the Swiss Federal Data Protection and Information Commissioner (FDPIC) confirmed that the Federal Act on Data Protection (FADP) is directly applicable to AI-supported data processing. The FDPIC clarified...more
Active in the fintech landscape since 2017, the dedicated Walkers’ team are recognised as global leaders in this dynamic sector - Fluent in six important jurisdictions of choice, we take a jurisdiction agnostic approach,...more
What happens when data protection collides with the relentless pace of digital innovation? That’s the question the European Data Protection Board (EDPB) seemed to confront head-on in 2024, a year marked by unprecedented...more
The Spanish Government has published the Preliminary Draft Act for the proper use and governance of Artificial Intelligence (the "Draft Act"), which aims to complement and develop the framework set out by the AI Regulation....more
On Jan. 6, 2025, the U.S. Department of Health and Human Services (HHS) proposed new regulations to enhance cybersecurity protections for electronic protected health information (ePHI) under the Health Insurance Portability...more
The EU Digital Operational Resilience Act (DORA) took effect on 17 January 2025 after a two-year implementation period. DORA sets out new requirements for financial entities (FEs) and their information technology and...more
The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more
More than four years after an industry trade association first filed its challenge to a November 2020 ballot initiative in Massachusetts, a federal judge issued an order in Alliance for Automotive Innovation v. Campbell...more
Every year, the Financial Industry Regulatory Authority (FINRA) issues an Annual Regulatory Report in an effort to provide FINRA Member Firms with insight into findings from FINRA’s regulatory operations programs. The Annual...more
How should multiple claimants seek compensation for alleged data misuse? It had originally been thought that the answer might be a representative action; an “opt-out” procedure enabling a single claimant to bring proceedings...more
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
Turkey has published multiple guidelines on the use of AI in various sectors; Turkish government expected to enact AI-specific regulation in the near future. Laws/Regulations directly regulating AI (the “AI Regulations”) ...more
Saudi Arabia is yet to enact AI Regulations, relying on guidelines to establish practice standards and general principles. Laws/Regulations directly regulating AI (the “AI Regulations”) There are currently no AI...more
Nigeria's draft National AI Policy underway and will pave the way for a comprehensive national AI strategy. Laws/Regulations directly regulating AI (the “AI Regulations”) There is currently no specific law or...more
The US relies on existing federal laws and guidelines to regulate AI but aims to introduce AI legislation and a federal regulation authority. Laws/Regulations directly regulating AI (the “AI Regulations”) Currently,...more
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
As we discussed in part three of this series, “Navigating the Complexities of Regulatory Data Incident Investigations,” when an organization is the subject of regulatory data incident investigations, it must navigate a...more
On February 9, 2024, California’s Third District Court of Appeals reinstated the California Privacy Protection Agency’s (“CPPA”) ability to enforce the California Privacy Rights Act of 2020 (“CPRA”) regulations. The CPRA...more
At Cornell University, institutional review board (IRB) members meet with the chief information security officer and a liaison to the general counsel’s office. Their regular attendance has been “really critical,” said IRB...more
With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more
A significant number of federal legislative proposals that focus on online child safety have been introduced. If enacted, they would modify online providers’ obligations to remove and report child sexual exploitation (CSE)...more
We previously reported on regulators’ increased attention to the use of big data systems, including external consumer data and information sources, algorithms and predictive models. Recent announcements in Colorado, Louisiana...more
Readers of this blog know that we’ve been closely following the California Privacy Rights Act (CPRA) rulemaking process. California passed the law in 2020 to update the California Consumer Privacy Act of 2018 with additional...more