Tariffs and Trade Series: What Investors Need to Know
Compliance Tip of the Day: Using Supply Chain to Innovate in Compliance
State AGs Unite: New Privacy Task Force Signals Shift in Regulatory Power Dynamics — The Consumer Finance Podcast
Early Returns Podcast - Oliver Roberts: AI and the Law, and an Education
Compliance into the Weeds: Leaving on a (Qatari) Jet Plane
(Podcast) California Employment News: Back to the Basics of Employee Pay Days
Compliance Tip of the Day: Multiplying the Influence of Compliance
Innovation in Compliance: Navigating Regulatory Changes and Compliance in Trade and Data Privacy with Stephanie Font
Compliance tip of the Day: Communication Through Persuasion
All Things Investigations: Task Force Strategies - Addressing New Government Priorities
10 For 10: Top Compliance Stories For the Week Ending May 10, 2025
Compliance Tip of the Day: Middle Managers as the Eyes and Ears of Compliance
Everything Compliance: Episode 153, The CW 25 Edition
ADA Compliance for Medical and Dental Practices: Responding to Inquiries and Investigations
Innovation in Compliance: Exploring the Intersection of Compliance, Technology, and AI with Ben Sperry
Compliance Tip of the Day: Elevating Compliance Through Connected Middle Managers
Understanding Human Trafficking and Modern Slavery: A Business Imperative with Clint Palermo
Shout Outs and Rants: Episode 153, The CW 25 Edition
Daily Compliance News: May 6, 2025 the Made in China Edition
Compliance Tip of the Day: Middle Managers as Compliance Change Agents
When we are retained by clients to guide them through a cyber-attack in which information has been stolen by a threat actor, we almost always find that the client has unnecessarily stored sensitive information far beyond the...more
During the 2024 legislative session, the Colorado General Assembly passed Senate Bill 24-205, which is known as the Colorado Artificial Intelligence Act (CAIA). This law will take effect on February 1, 2026, and requires...more
Governance, risk, and compliance (GRC) can feel like thankless work at times. You can’t ship risk mitigation to market. It's not usually reflected on your balance sheet. Only especially canny investors notice the absence of...more
Artificial intelligence (AI) is rapidly reshaping the digital health sector, driving advances in patient engagement, diagnostics, and operational efficiency. However, for Privacy Officers, AI’s integration into digital health...more
The 1:10:100 rule—coined in 1992 by George Labovitz and Yu Sang Chang, the rule describes how much bad data costs. Preventing the creation of bad data at its source costs $1. Remediating bad data costs $10. Doing nothing...more
ComplexDiscovery Editor’s Note: Emotional bonds with AI are no longer speculative—they’re shaping user behavior and redefining the risks legal professionals must address. This thoughtful exploration of artificial intimacy...more
In late March 2025, the Florida Bar Board of Governors unanimously endorsed the recommendation of its Special Committee on Cybersecurity and Privacy Law that law firms should adopt written incident response plans (IRPs) to...more
As robotics technology rapidly advances in connection with the use of artificial intelligence (AI), the collection, processing, and storage of personal information—including biometric data—will become increasingly common....more
Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more
Everyone is talking about DeepSeek for its increase performance and efficiency. However, with that comes additional risks, as DeepSeek is subject to Chinese national law, and there are still many unanswered questions...more
When we write about data privacy, it’s easy to default to talking to “privacy professionals.” But take a look at the privacy management industry: The privacy program managers, chief privacy officers, and other purely...more
The Virginia law, like the Colorado Act, would have imposed various obligations on companies involved in the creation or deployment of high-risk AI systems that influence significant decisions about individuals in areas such...more
In March 2023, Elon Musk and Steve Wozniak, along with other technology experts, signed an open letter asking that training powerful AI models be stopped until stronger AI governance laws could be developed. Two months later,...more
In today’s heightened enforcement environment, compliance auditing isn’t just a best practice—it’s a necessity. Federal and state laws and industry guidance, including the Office of Inspector General (OIG) Compliance Program...more
On March 20, 2025, the new Federal Law for the Protection of Personal Data held by Private Parties (LFPDPPP of 2025) was published in the Official Gazette of the Federation. The LFPDPPP of 2025 entered into force on March 21,...more
U.S. companies and organizations have entered a new era of sweeping restrictions on cross-border data transfers. The Department of Justice's (DOJ) Final Rule, "Preventing Access to U.S. Sensitive Personal Data and...more
The European Data Protection Board's (EDPB) Opinion 28/2024 provides valuable insights into the intersection of artificial intelligence and data protection, particularly in the context of compliance with the EU General Data...more
In the rapidly evolving landscape of digital infrastructure, data center developers face unique challenges and opportunities. This blog post delves into the intricacies of structuring investments and working with investors in...more
While AI has many people uptight, Aescape has developed technology to help you relax – AI robotic massage. Aescape touts that it combines the timeless art of massage with robotics and artificial intelligence to deliver an...more
On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more
The PRC Personal Information Protection Law (PIPL) mandates regular data compliance audits. Following a consultation period beginning in August 3, 2023, the Cyberspace Administration of China (CAC) issued the Measures for...more
On February 14, 2025, the Cyberspace Administration of China ("CAC") finalized the "Personal Information Protection Compliance Audit Measures" ("Audit Measures"), which refines the draft version released on August 3, 2023...more
On November 8, 2024, the California Privacy Protection Agency (the “Agency” or the “CPPA”) Board met to discuss and commence formal rulemaking on several regulatory subjects, including California Consumer Privacy Act (“CCPA”)...more
Responsible organizations understand that privacy governance is essential for the systematic and compliant management of personal data and for maintaining customer and stakeholder trust. In a world where people increasingly...more
On 11 February 2024, the European Data Protection Board (EDPB) adopted a new statement on age assurance. This statement, while not legally binding, will guide the enforcement of age-gating methods across the EU. Age assurance...more