Daily Compliance News: May 16, 2025, The Ethics Nightmare Edition
New York State Restaurant Reservation Anti-Piracy Act Cracks Down on a "Leech Industry"
Consumer Finance Monitor Podcast Episode: The Impact of the Election on the FTC
Compliance Tip of the Day: Standing at the Turning Point
Federal Court Strikes Down FDA Rule on LDTs - Thought Leaders in Health Law®
AI Legislation: The Statewide Spotlight — The Consumer Finance Podcast
100 Days In: What Employers Need to Know - Employment Law This Week® - #WorkforceWednesday®
Breaking Down the Shifting Vaccine Policy Landscape – Diagnosing Health Care Video Podcast
Fair Lending Shake-Ups: CFPB Vacates Townstone Settlement, FHFA Ends GSEs' Special Purpose Credit Programs — The Consumer Finance Podcast
Brooklyn District Attorney Eric Gonzalez – Innovative Approach to Safety
Exploring the Administration's Regulatory Impact on Private Equity — PE Pathways Podcast
Aligning Business Goals with Legal Strategies Amid Regulatory Change – Speaking of Litigation Video Podcast
Shifting Gears: Adapting to Regulatory Changes in Auto Finance — Moving the Metal: The Auto Finance Podcast
Podcast - Hot Topics in FDA Regulation: GLP-1s, LDTs, AI and More
Consumer Finance Monitor Podcast Episode: Everything You Want to Know About the CFPB as Things Stand Today, and Lots More - Part 2
Compliance into the Weeds: The Uncertain Future of Compliance Monitors under the Trump Administration
Cannabis Law Now Podcast - From Law Firm to Board Room: The Journey of a Cannabis Entrepreneur
Daily Compliance News: April 15, 2025, The Redefining Corruption Edition
Predictions regarding the 2023 CRA Rule and Section 1071 and how to prepare for expected developments
Daily Compliance News: April 14, 2025, The Cascade of Corruption Edition
Last month, the federal government announced a major overhaul of the Federal Risk and Authorization Management Program (“FedRAMP”) called “FedRAMP 20x”. FedRAMP 20x is moving forward fast – with new authorizations, community...more
Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more
On Monday, March 24, 2025, the General Services Administration (GSA) launched FedRAMP 20x, as an effort to automate parts of the program and create collaboration with the industry to improve authorization process for cloud...more
WHAT: FedRAMP has announced that it will be working on a new framework for authorization and assessment of cloud services for federal consumption, calling the initiative “FedRAMP 20X” (announcement here). In response to...more
FedRAMP Director Pete Waterman recently unveiled the “FedRAMP 20x” plan – a proposal designed to reimagine and reformulate the FedRAMP authorization process for federal government use of cloud-based products and services....more
Hong Kong’s Legislative Council passed the Protection of Critical Infrastructures (Computer Systems) Bill (the “CI Bill”) on March 19, 2025. This landmark legislation aims to enhance cybersecurity and minimize disruptions...more
On March 20, 2025, the new Federal Law for the Protection of Personal Data held by Private Parties (LFPDPPP of 2025) was published in the Official Gazette of the Federation. The LFPDPPP of 2025 entered into force on March 21,...more
The European Securities and Markets Authority (ESMA) has published official translations of the guidelines on the maintenance of systems and security access protocols for offerors and persons seeking admission to trading of...more
In terms of healthcare data breaches, 2024 was the worst year ever, with the records of at least 53% of the U.S. population involved and two of the biggest healthcare data breaches of 2024 ranking in the top 10 of all time. ...more
On February 5, Delaware joined 21 jurisdictions who adopted guidance similar to the NAIC Model Bulletin on the Use of Artificial Intelligence (AI) Systems by Insurers in 2024, and four additional jurisdictions have otherwise...more
Citing the threats posed by foreign adversaries and criminal organizations, and seeking enhanced accountability for companies that provide software and cloud services to the federal government, the Biden administration has...more
On January 6, 2025, the U.S. Department of Health and Human Services (“HHS”) Office for Civil Rights (“OCR”) published a Notice of Proposed Rulemaking (“NPRM”) to amend the Health Insurance Portability and Accountability Act...more
In all our work with clients, my evaluation and expectations around compliance readiness come down to one point: Governance. This can mean a variety of things when it comes to a compliance program, but overall, we boil it...more
President-elect Donald Trump’s campaign and post-election transition have given several strong indications of how the new administration is likely to approach artificial intelligence (AI) policy during his second term, which...more
Artificial intelligence (AI) technology is advancing at an unprecedented rate, increasing in complexity while driving significant innovation across sectors. In response to the rapid development of AI, myriad compliance...more
We have now reached the 180-day mark since the White House Executive Order (EO) on the Safe, Secure and Trustworthy Development of AI and we are seeing a flurry of mandated actions being completed. See here for a summary of...more
New York has released proposed cybersecurity regulations for hospitals. The regulations, which were published in The State Register on Dec. 6 and will undergo a 60-day public comment period ending on Feb. 5, are designed to...more
On October 30, 2023, the Biden administration released a far-reaching executive order (EO) on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI). The EO issues directives related to the use...more
On Oct. 30, 2023, the president issued an Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. The 117-page order includes a range of directives, many of which are aimed at...more
Last week, the UK’s Online Safety Bill received royal assent and became law. With this development, Ofcom, the regulator for the new Online Safety Act (the Act or OSA), has published a roadmap to explain how the Act will be...more
On 19 September 2023, the UK Parliament passed the Online Safety Bill (“OSB”). The OSB aims to protect individuals from illegal online content and focuses on the protection of children by requiring the removal of content that...more
A flurry of legislative activity over the past year has brought meaningful changes to a variety of privacy and security provisions in state and federal law. At the state level, as in 2022, we have seen a handful of changes to...more
The Securities and Exchange Commission (“SEC”) adopted the final rules (the “Final Rules”) on July 26, 2023 that will require disclosure of material cybersecurity incidents, cybersecurity risk management, strategy, and...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted new rules requiring public companies to disclose within four business days material cybersecurity incidents they experience and to disclose annually...more
The SEC has recently voted on new rules that will require companies to disclose material cybersecurity incidents within four days and to make disclosures about their broad cybersecurity risks in their annual report. Tom Fox...more