Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
SCOTUS Clean Air Act Cases: What’s New?
First 100 Days of the New HSR Rules with Antitrust Partner Kara Kuritz
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
From Permits to Penalties: A Deep Dive Into Coastal Development Law
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
PODCAST: Williams Mullen's Benefits Companion - Gag Clause Prohibitions
Cannabis Law Now Podcast - Cannabis in the Show Me State: An Interview with BeLeaf Medical's Mitch Meyers
Compliance Tip of the Day – COSO Objective 1 – Control Environment
#Risk New York Speaker Series – Bridging the Gap: Effective Risk Communication in Compliance with Rob Clark, Jr.
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Episode 374 -- Justice Department Resumes FCPA Enforcement with New, Focused Guidance
2 Gurus Talk Compliance – Episode 54 – The FCPA is Back On Edition
Cruising Through Change: The Auto-Finance Industry’s New Era Under Trump Unveiled — The Consumer Finance Podcast
2023 CRA Rule Repeal: Lessons to be Learned
The Classification of Gasoline & Gasoline Fumes as a Carcinogen: Considerations for Corporate Executives & Attorneys
#Risk New York Speaker Series – Upping Your Game with Tom Fox
Unlocking Crypto's Future: Insights From Coinbase's John D'Agostino — The Crypto Exchange Podcast
Hot Topics in International Trade - Let's Be Serious-Supply Chain Audits
The cybercrime group known as Scattered Spider is at it again, according to Google’s Threat Intelligence Group. This criminal group is known to focus its cyber attacks on one sector at a time. Last spring, it was the retail...more
This monthly report outlines key developments in China’s data protection sector for May. The following events merit special attention...more
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
On February 14, 2025, New York’s Governor Hochul signed into law A.B. 920, which amended the state’s Information Security Breach and Notification Act to add personal health information to the types of data that constitute...more
Artificial intelligence (AI), particularly generative AI, thrives on vast amounts of data, fueling AI capabilities, insights, and predictions. But with this reliance on data comes potential privacy and security risks. And...more
Following Malaysia’s introduction of data breach notification and data protection officer (“DPO”) appointment requirements in last year’s significant amendments to the Personal Data Protection Act (“PDPA”) (click here for our...more
Those familiar with the industry know that cannabis retailers find themselves in a unique position compared to other product retailers. Cannabis retailers face significant regulatory hurdles to their operation—particularly in...more
With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more
The intersection of economic indicators and Hart-Scott-Rodino (HSR) transaction trends provides a detailed view of the evolving mergers and acquisitions (M&A) environment. These insights are essential for professionals...more
On May 29, 1453 the walls of Constantinople had stood unbreached for more than a thousand years. Yet on that day, the army of Sultan Mehmed II was able to force entry into the city through the Gate of St. Romanus. The...more
Change Healthcare Inc. has amended its initial breach report to the HHS Office for Civil Rights (OCR) to state that 100 million individuals were impacted by its mammoth ransomware attack and breach. However, as of Oct. 24,...more
The US privacy legal landscape continues to expand in 2024, with most of the momentum led by state laws. ...more
Let’s review for a moment. It’s not a HIPAA violation to be a victim of ransomware. It’s not a HIPAA violation to pay a ransom. It’s up to the covered entity (CE) to determine if a security or privacy incident is a...more
A warm welcome to the Summer edition of Conyers Coverage. The whirlwind that is the Cayman Islands (re)insurance industry continues to blow with gusto! To keep you updated on recent developments, we include various items from...more
United Healthcare Group (UHG) CEO Andrew Witty was in a board meeting on Feb. 21 when officials interrupted with the news that Change Healthcare—a clearinghouse UHG subsidiary Optum had purchased for $1.3 billion in October...more
A privacy breach can have detrimental consequences for startups: A privacy breach may trigger legal consequences and regulatory scrutiny, especially for a startup that operates in areas with stringent data protection laws...more
With a couple of “firsts,” the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is signaling that it is cracking down on healthcare organizations that fail to identify and address cybersecurity...more
The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more
The U.S. Securities and Exchange Commission has a message for publicly-traded companies that suffer a data breach: own up. On Monday, the SEC sued Texas-based SolarWinds––and its Chief Information Security Officer...more
The NCUA stated the new rule, which was approved on Feb. 16, 2023, aims to mitigate cyber incidents “that [lead] to a substantial loss of confidentiality, integrity, or availability of a network or member information system...more
France's Orientation and Programming Law of the Ministry of the Interior ("LOMPI law"), published in the Official Journal of January 25, 2023, amends the insurance coverage of losses and damages paid in response to...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
The Financial Crimes Enforcement Network (“FinCEN”) of the U.S. Department of the Treasury (“Treasury”) has made clear that businesses engaging in certain activities involving virtual currencies are subject to registration,...more
Continued widespread cyber attacks have leaders in just about every industry wary and watchful, and insurance underwriters are no exception. Given the increase in claims from recent ransomware attacks, cyber insurers are...more
As the onslaught of data breaches and ransomware attacks continues, state governments are grappling with ways to bolster the impact and reach of breach notification laws. All fifty states, Puerto Rico, Guam, the Virgin...more