Episode 369 -- Stepping Into the Enforcement Spotlight -- Customs and Border Patrol and Import Enforcement
Tariffs and Trade Series: What Investors Need to Know
Compliance Tip of the Day: Using Supply Chain to Innovate in Compliance
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Early Returns Podcast - Oliver Roberts: AI and the Law, and an Education
Compliance into the Weeds: Leaving on a (Qatari) Jet Plane
(Podcast) California Employment News: Back to the Basics of Employee Pay Days
Compliance Tip of the Day: Multiplying the Influence of Compliance
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Compliance tip of the Day: Communication Through Persuasion
All Things Investigations: Task Force Strategies - Addressing New Government Priorities
10 For 10: Top Compliance Stories For the Week Ending May 10, 2025
Compliance Tip of the Day: Middle Managers as the Eyes and Ears of Compliance
Everything Compliance: Episode 153, The CW 25 Edition
ADA Compliance for Medical and Dental Practices: Responding to Inquiries and Investigations
Innovation in Compliance: Exploring the Intersection of Compliance, Technology, and AI with Ben Sperry
Compliance Tip of the Day: Elevating Compliance Through Connected Middle Managers
Understanding Human Trafficking and Modern Slavery: A Business Imperative with Clint Palermo
Shout Outs and Rants: Episode 153, The CW 25 Edition
Daily Compliance News: May 6, 2025 the Made in China Edition
In response to a record year of personal data breaches in 2024, affecting millions of individuals, the French data protection authority (CNIL) has published a set of security directives for operators of large databases. While...more
Cybercriminals look for two things when seeking a victim—access and opportunity. ERISA retirement plans offer both. Cybercriminals exploit weaknesses in systems, software, or human behavior to find opportunities for easy...more
In the context of a significant increase in data breaches and cyber-attacks impacting hospitals, the French Data Protection Authority (“CNIL”) has launched a series of investigations and issued several formal notices to...more
On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more
Welcome to your monthly rundown of all things cyber, privacy, and technology, where we highlight all the happenings you may have missed. ...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
Editor’s Note: White-collar investigations can send shockwaves through an organization, demanding swift, strategic, and legally sound responses. In a recent HaystackID® webcast, experts broke down the complexities of...more
Malaysia introduced a mandatory data protection officer appointment in February 2025. We discuss the implications of this new regulatory requirement for businesses operating in Malaysia....more
On February 14, 2025, New York’s Governor Hochul signed into law A.B. 920, which amended the state’s Information Security Breach and Notification Act to add personal health information to the types of data that constitute...more
Chile has amended its data privacy law granting significant rights to data subjects, and imposing stricter obligations on data controllers and processors. Published in the Official Gazette (Diario Oficial) on December 13,...more
On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more
Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our...more
Recently, we had the opportunity to advise some clients who worked with a third-party vendor that maintained custody of personal information pertaining to our clients’ respective end users. The vendor suffered a data breach...more
Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers. Cannabis retailers face significant regulatory hurdles to their operation—particularly in...more
On December 24, New York Gov. Kathy Hochul (D) signed into law an amendment to section 899-aa of the N.Y. General Business Law, also known as The Shield Act, modifying the law’s data breach notification requirements....more
On January 23, 2025, PayPal settled an enforcement action brought by the New York State Department of Financial Services (NY DFS) for failing to comply with cybersecurity regulations required for financial services businesses...more
Since the full implementation of Thailand’s Personal Data Protection Act (PDPA) in June 2022, the Personal Data Protection Committee (PDPC) has been instrumental in shaping the nation’s data protection framework. ...more
On January 13, 2025, the Securities and Exchange Commission (“SEC”) filed a settled enforcement action against Ashford Inc. (“Ashford” or “the Company”), a company that provides products and services to the real estate and...more
O ano de 2024 representou um período de grande amadurecimento institucional e regulatório para a Autoridade Nacional de Proteção de Dados (ANPD). Em um cenário marcado por avanços tecnológicos acelerados e discussões...more
At the end of 2024 the Italian Data Protection Authority issued a 15 million euro fine in the first generative AI-related case brought under GDPR. According to Garante (the Italian authority), OpenAI trained ChatGPT with...more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
The Federal Trade Commission (FTC) issued a proposed settlement order against GoDaddy alleging that it “has failed to implement reasonable and appropriate security measures to protect and monitor its website-hosting...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
The Personal Data Protection Commission (PDPC) of Singapore recently issued a mandate requiring all businesses operating in the country to appoint a Data Protection Officer (DPO) by September 30, 2024, and submit their...more
At first glance, the headline looks like a typo: The EU rules against the EU…for breaching EU data protection law?...more