Daily Compliance News: May 1, 2025, The 100 Days of Corruption Edition
Beyond the Bylaws: The Medical Staff Show | The Role of Bylaws in Medical Staff Governance, Part II
Compliance Tip of the Day – AI and Behavioral Analytics
100 Days In: What Employers Need to Know - Employment Law This Week® - #WorkforceWednesday®
Upping Your Game: Episode 1 – Meeting Hui Chen’s Challenge
Compliance Tip of the Day: AI and Compliance Education
The Next FCRA Frontier: Identity Theft and CFPB Updates — FCRA Focus Podcast
Daily Compliance News: April 29, 2025, The GenZ/RTO Edition
FCPA Compliance Report: From Compliance to Commercial Value: Removing Friction with AI
Compliance Tip Of the Day: Using AI to Transform Whistleblower Response
Episode 366 -- DOJ Issues Data Security Program Requirements
10 For 10: Top Compliance Stories For the Week Ending April 26, 2025
Compliance Tip of the Day: The Future of Continuous Monitoring
FCPA Compliance Report: Ellen Hunt on Compliance ROI and on a Due Diligence and the US Sentencing Guidelines
Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
Navigating the Future of Payment Stablecoins: Legislative Updates and Market Implications — Payments Pros – The Payments Law Podcast
Navigating the Future of Payment Stablecoins: Legislative Updates and Market Implications — The Crypto Exchange Podcast
Compliance Tip of the Day: AI and Predictive Analytics
Exploring the Administration's Regulatory Impact on Private Equity — PE Pathways Podcast
Aligning Business Goals with Legal Strategies Amid Regulatory Change – Speaking of Litigation Video Podcast
Major changes are coming again to the Federal Risk and Authorization Management Program ("FedRAMP"), the federal government's cybersecurity authorization program for cloud service providers ("CSPs")....more
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
What Is Vendor Onboarding? Vendor onboarding is the process of establishing a company as an approved provider of technology, goods, or services to your organization. It’s also an essential early step in the vendor risk...more
The U.S. General Services Administration (GSA) recently announced plans to develop the Federal Risk and Authorization Management Program (FedRAMP) 20x – a new approach to the government-wide program for the security...more
The demand for data centers is continuing to accelerate, fueled largely by generative artificial intelligence (Gen AI), broader digital transformation, and organizations migrating to cloud infrastructure. Gen AI adoption...more
Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more
WHAT: FedRAMP has announced that it will be working on a new framework for authorization and assessment of cloud services for federal consumption, calling the initiative “FedRAMP 20X” (announcement here). In response to...more
The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more
On May 31, 2025, the Alberta Security Management for Critical Infrastructure Regulation (the Regulation) will come into force and is expected to alter existing security requirements for critical resource infrastructure in...more
The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more
The European Banking Authority (EBA) has published a final report with amending guidelines in respect of Guidelines EBA/GL/2019/04 on ICT and security risk management. The EBA reviewed the Guidelines in light of the Digital...more
The European Commission has published a letter (dated 21 January 2025) addressed to the Joint Committee of the European Supervisory Authorities (ESAs) rejecting certain draft regulatory technical standards (RTS) the ESAs...more
On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more
WHAT: The FAR Council published a proposed rule to incorporate the Controlled Unclassified Information (CUI) Program into the acquisition process and, in doing so, seeks to more clearly define government and contractor roles...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
Beginning 17 January 2025, the Digital Operational Resilience Act (DORA) will apply to almost all EU financial entities, including banks, insurers and reinsurers, brokers , payment and electronic money institutions,...more
Looking for something more advanced than your average export controls conference? Go beyond the basics at ACI’s 2nd Annual Advanced Forum on Global Export Controls. This premier event offers cutting-edge insights and...more
Digital Operational Resilience Act (DORA) aims to harmonize provisions related to cybersecurity and information and communication technology (ICT) risk management in the financial sector. Its scope covers nearly all entities...more
Background - The Digital Operational Resilience Act (DORA), a European Union (EU) regulation that is set to transform how financial entities and their information technology (IT) service providers manage operational risks,...more
A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more
Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more
On March 26, 2024, the HHS Office of Inspector General (OIG) released a cybersecurity toolkit for HHS leaders to help them plan and deploy information systems in response to disasters and public health emergencies. The...more
Technology’s exponential development and use in healthcare provides potentially significant benefits for behavioral health patients but also raises ethical and compliance concerns. The most recent technological advance...more
When a cyber breach occurs, cooler heads need to prevail. This can be a highly emotional and stressful occurrence. Being prepared and having a clear plan of action will help you stay focused, meet your compliance...more
On November 1, 2023, the New York Department of Financial Services (NYDFS) announced the adoption of amendments to its Cybersecurity Regulation 23 NYCRR Part 500 (“Amended Cybersecurity Rules” or “Amended Rules”). NYDFS...more