Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
REFRESH Nonprofit Basics: Insider Transactions and Nonprofits
FCPA Compliance Report: Death of CTA
Auditing Your Hotline and Case Management System
PODCAST: Williams Mullen's Benefits Companion - Good News for the ACA in 2025
RoboCop: Overview of Corporate Basics and Compliance Filings
The Corporate Transparency Act
John Wick - What You Need To Know about the Corporate Transparency Act
Cannabis Law Now Podcast: Cannabis Companies and the Corporate Transparency Act
US Expatriate Tax Planning - Part 2 - A Podcast with Janathan Allen
EEO-1 Filing After June 4: What to Do Now, and How to Prepare for Next Year - Employment Law This Week®
Examining FinCEN FAQs, Proposed Legislation and Other CTA Developments
US Expatriate Tax Planning - Part 1 - A Podcast with Janathan Allen
AGG Talks: Cross-Border Business - Episode 12: A General Counsel’s Map for International Business Expansion - Part 2
AGG Talks: Cross-Border Business - Episode 12: A General Counsel’s Map for International Business Expansion - Part 1
Navigating the Corporate Transparency Act - Payments Pros – The Payments Law Podcast
DE Under 3: OMB Announced Finalized Overhaul to Federal Race & Ethnicity Data Collection Standards
Webinar: Corporate Transparency Act
What Nonprofit Leaders Need To Know About the Corporate Transparency Act
Regulatory Phishing Podcast - The Impact of Cybersecurity Compliance on Corporate Transactions
On February 20, 2025, the Polish Personal Data Protection Office (UODO) published an updated version of the guide on personal data protection breaches. The first edition was released in 2018. The latest version...more
The NIS 2 Directive requires a wide range of in-scope organizations to adopt robust cybersecurity measures and incident response plans....more
Companies deploying high-risk artificial intelligence (AI) systems must prepare to navigate a complex landscape of new obligations by August 2, 2026. In this post we explain the key obligations for providers and deployers of...more
In today's digital era, the volume of electronic data generated by organizations is staggering. For law firms conducting due diligence, managing this data while ensuring compliance with stringent data privacy regulations is a...more
The European Union published on July 12, 2024 the final text of its Artificial Intelligence (AI) Act, in force on August 1, 2024, which will implement material cybersecurity and incident reporting requirements, among other...more
In December 2023, European Union (EU) lawmakers reached an agreement on the EU AI Act. In our article titled An Introduction to the EU AI Act, we focused on applicability, thresholds, timing, and penalties related to the EU...more
In late 2021, the Quebec legislature passed “The Privacy Legislation Modernization Act” or Law No. 25 (“Law 25”), which was designed to modernize and make significant changes to Quebec’s existing privacy framework....more
On February 23, 2022, the European Commission released a proposal for the Corporate Sustainability Due Diligence Directive (CSDDD or the Directive). The Directive aims to mandate both EU and non-EU companies that conduct...more
ANTITRUST AND COMPETITION - The European Commission’s Merger Simplification Package Enters Into Force - On 20 April 2023, the European Commission (Commission) adopted a new legislative package that entered into force on 1...more
To paraphrase what Ben Franklin may have been alluding to nearly 300 years ago in his famous quote, often the best approach when it comes to reducing the risk of litigation and government enforcement proceedings is to take...more
Cybersecurity incidents pose legal challenges for in-house counsel, alongside their technical implications. This overview highlights key aspects that legal departments must know when reacting to data breaches. ...more
Whistleblowing in Europe has been governed by country-specific regulations, some of which differed widely in terms of content. A number of Member States did not even have a dedicated generally applicable protection system in...more
Editor’s Note: On August 31, 2022, HaystackID shared an educational webcast on the topic of data mining in data breach incident response. As data mining has increasingly become one of the largest expenses during a cyber...more
Takeaway: Although the enactment of the Italian Sunshine Act furthers the global expansion of healthcare transparency, the implied consent provision may not comply with the GDPR....more
We’ve had two seismic, discipline-altering events in Records Management in the last 20 years: 2006: change to the Federal Rules of Civil Procedures brought electronic records management to the forefront. 2011:...more
Adoption of a new law improving the protection of whistleblowers in companies with more than 50 employees. The law implements an EU directive and goes beyond the European requirements. A whistleblower remains a "natural...more
Selected Developments in U.S. Law - SEC Proposed Rule Will Require Private Funds to Report Certain Cyber Events On January 26, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules to enhance hedge fund...more
Despite political and economic uncertainties, markets and deal activity were resilient in 2019, and strong fundamentals remain in place heading into 2020. Companies continue to face a challenging litigation and enforcement...more
On 1 February, 2019, the National Information Security Standardization Technical Committee issued an amended version of the GB/T 35372-2017 Information Technology – Personal Information Security Specification for public...more
Why does this topic matter to organisations? Under the GDPR, the concept of a "processor" has not changed. Any entity that was a processor under the Directive likely continues to be a processor under the GDPR. However,...more
Why does this topic matter to organisations? Each time an organisation processes personal data, it will do so as either a controller or a processor. These roles bear different responsibilities. Therefore, it is critically...more
We are pleased to announce the launch of our UK Employment Flash, covering the latest employment law developments, news and insights from the U.K. Our inaugural issue includes commentary on the U.K. government's proposed...more
Companies face substantial challenges in complying with breach notification requirements under Article 33 of the General Data Protection Regulation (GDPR). Article 33 requires a data controller to report a personal data...more
Datenschutzgrundverordnung stark im Zeichen des Datenschutzes. Viele Unternehmen hatten die Mammut-Aufgabe, die relevanten Anforderungen des Datenschutzes an die Verarbeitung personenbezogener Daten umzusetzen. ...more
Brazil’s New Data Privacy Law - New Legislation Enacted - On August 14, 2018, Brazil enacted its first omnibus data protection law, to become effective in February 2020. ...more