Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
Selected U.S. Privacy and Cyber Updates - CISA Posts Notice of Proposed Rulemaking Under CIRCIA - On March 27, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) published a notice of proposed rulemaking (NPRM)...more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
In this month’s Privacy & Cybersecurity Update, we examine the European Commission’s draft adequacy decision on the EU-U.S. Data Privacy Framework, as well as guidance from the U.K. Information Commissioner’s Office on...more
Register for NAVEX Next, our annual risk and compliance virtual conference. Formerly the Ethics & Compliance Virtual Conference (ECVC), the new name recognizes that we must be forward-looking as we face an increasingly...more
The Federal Data Protection and Information Commissioner (FDPIC) has determined that the Swiss-United States Privacy Shield does not provide an adequate level of data protection for data transfers from Switzerland to the U.S....more
Although organizations have dealt with privacy issues for years, only in the past decade have they begun to view the complexities of privacy as requiring formal organizational structure, dedicated employees, and/or dedicated...more
GDPR: A Snapshot - The GDPR updates the EU’s 1995 framework data privacy law—which is outdated due to the technological advances that have occurred since the mid-1990s. The European Commission proposed the GDPR in 2012,...more
2015 has seen landmark changes in privacy and cybersecurity laws and regulatory best practices. These developments have had a direct impact on cloud vendors. For example, evolving judicial and regulatory interpretations of...more
Last week, the Court of Justice of the European Union (CJEU) gave an important ruling which any business transferring personal data between the EU and the United States should know about — in particular those that make use of...more