Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
REFRESH Nonprofit Basics: Insider Transactions and Nonprofits
FCPA Compliance Report: Death of CTA
Auditing Your Hotline and Case Management System
PODCAST: Williams Mullen's Benefits Companion - Good News for the ACA in 2025
RoboCop: Overview of Corporate Basics and Compliance Filings
The Corporate Transparency Act
John Wick - What You Need To Know about the Corporate Transparency Act
Cannabis Law Now Podcast: Cannabis Companies and the Corporate Transparency Act
US Expatriate Tax Planning - Part 2 - A Podcast with Janathan Allen
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Examining FinCEN FAQs, Proposed Legislation and Other CTA Developments
US Expatriate Tax Planning - Part 1 - A Podcast with Janathan Allen
AGG Talks: Cross-Border Business - Episode 12: A General Counsel’s Map for International Business Expansion - Part 2
AGG Talks: Cross-Border Business - Episode 12: A General Counsel’s Map for International Business Expansion - Part 1
Navigating the Corporate Transparency Act - Payments Pros – The Payments Law Podcast
DE Under 3: OMB Announced Finalized Overhaul to Federal Race & Ethnicity Data Collection Standards
Webinar: Corporate Transparency Act
What Nonprofit Leaders Need To Know About the Corporate Transparency Act
Regulatory Phishing Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
Malaysia issued a regulatory guideline for data breach notification in February 2025. This article discusses how the new regulation affects businesses in Malaysia. On 25 February 2025, Malaysia's Personal Data Protection...more
On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more
We explore what trustees need to be aware of when dealing with data and complying with their obligations under the Data Protection (Bailiwick of Guernsey) Law, 2017 and related legislation (the "DP Law")....more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
The American Hospital Association (AHA) has warned that information technology (IT) help desks are being targeted in a social engineering scheme that uses the stolen identity of revenue cycle employees or employees in other...more
In recent regulatory and enforcement developments, the California Privacy Protection Agency (CPPA) proposed a regulatory framework for automated decision-making technology (ADMT) and revisions to the California Consumer...more
Selected Developments in U.S. Law - SEC Proposed Rule Will Require Private Funds to Report Certain Cyber Events On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund...more
A recent SEC settlement shed light on data security and privacy concerns that public companies should keep in mind when drafting and filing periodic reports. The SEC settlement concerned a 2018 data breach at Pearson Plc that...more
On 1 February, 2019, the National Information Security Standardization Technical Committee issued an amended version of the GB/T 35372-2017 Information Technology – Personal Information Security Specification for public...more
Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" has not changed. Any entity that was a processor under the Directive likely continues to be a processor under the GDPR. However,...more
Why does this topic matter to organisations? Each time an organisation processes personal data, it will do so as either a controller or a processor. These roles bear different responsibilities. Therefore, it is critically...more
Companies face substantial challenges in complying with breach notification requirements under Article 33 of the General Data Protection Regulation (GDPR). Article 33 requires a data controller to report a personal data...more
This 10-step guide will walk you through the upcoming changes to the Personal Information Protection and Electronic Documents Act (PIPEDA), the factors to consider in being prepared under PIPEDA and other related...more
The General Data Protection Regulation (GDPR), which is effective May 25, 2018, requires notification to European regulators within 72 hours of the discovery of many types of data breaches. This deadline requires speed and...more
The recent $575,000 settlement with EmblemHealth signals a push from AG Schneiderman “for stronger security laws and hold[ing] businesses accountable for protecting their customers’ personal data.” Noting New York’s “weak and...more
There is much for authorised firms to consider in the year ahead. Firms have been through the intensive period of the enactment of the second Markets in Financial Instruments Directive (MiFID II), but must now step up their...more
The Article 29 Working Party (WP29) recently issued guidelines regarding data controllers' notification obligations following security breaches involving the personal data of EU citizens....more
Frameworks requiring breach notifications of various kinds significantly expanded in scope in 2016 at both the state and federal levels. However, at least in the U.S., some of the new federal requirements may not be in place...more
The Irish Data Protection Commissioner (DPC) has issued a 12-step checklist of actions companies can take now to better prepare for compliance with the General Data Protection Regulation (GDPR), the new EU privacy regulation...more
The General Data Protection Regulation (GDPR or Regulation) has been approved by European Union (EU) members as well as the Council of Europe and, at the time of writing, the draft Regulation is before the European Parliament...more