Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
Large Language Models (“LLMs”) are a subset of artificial intelligence (“AI”) which use a type of machine learning called deep learning in order to understand how characters, words, and sentences function together. The advent...more
The CRA will affect a broad range of digital products placed on the EU market (including by those based outside the EU), including connected hardware/devices, software and remote data processing solutions. The EU has adopted...more
The guidelines specify the requirements for data controllers to conduct risk assessments related to the transfer or disclosure of personal data outside the Kingdom. ...more
Right now, we are all taking stock of the many important issues and challenges we saw crop up for clients last year, trying to predict what they will face in the coming year, and strategizing about how we can help....more
The European Data Protection Board (EDPB) has released a comprehensive opinion addressing key data protection concerns related to the development and deployment of artificial intelligence (AI) models. The opinion, requested...more
Artificial intelligence (AI) is transforming industries at an unprecedented pace, but it also introduces complex compliance challenges. While many regions are ramping up their regulatory frameworks to address these risks,...more
Life science companies will have to grapple with unique questions in complying with the European Artificial Intelligence Act, including the scope of the law’s research exemption and the use of AI in personalized medicine and...more
Are you responsible for privacy compliance at your company? This alert summarizes key takeaways from Paul Rothermel's recent presentation 10 Things You Should Know About Privacy, Consent, and HIPAA...more
Key Points - Colorado’s new AI law creates new obligations for developers and deployers of high-risk artificial intelligence (AI) systems. Similar to the EU AI Act, the law is risk-based and defines a “high-risk” AI system as...more
The EU AI Act marks a new milestone in the landscape of AI governance — and businesses are taking note. This past March, the EU passed new regulations surrounding AI in the EU AI Act that have been years in the making....more
The newly promulgated measures increase the threshold of data triggering security assessments and contract requirements while leaving room for Chinese authorities to heavily restrict cross-border data transfers. In...more
On March 13, 2024, the European Parliament adopted the Artificial Intelligence Act (AI Act). It is considered to be the world’s first comprehensive horizontal legal framework for AI. It provides for EU-wide rules on data...more
Numerous laws (U.K. Bribery Act guidance document, German Supply Chain Act, Foreign Corrupt Practices Act resource guide, OECD Due Diligence Guidance for Responsible Supply Chains of Minerals from Conflict-Affected and...more
California continues to push beyond other states in developing and implementing privacy and cybersecurity regulations. The latest evidence came from the recent release of draft regulations from the California Privacy...more
Recent breakthroughs in generative artificial intelligence (AI) have captured significant media attention. Developers argue that the technology, which learns from data to produce new text, visual, or audio content based on a...more
Der Europäische Gerichtshof (EuGH) wird bald darüber entscheiden, ob europäische Datenschutzbehörden künftig leichter Bußgelder nach Art. 83 DSGVO gegen Unternehmen verhängen können. Diese Entscheidung kann großen Einfluss...more
2023 may be the year of privacy laws. Five states have new laws that go into effect this year, which will likely usher in a new era of consumer privacy protections in the United States....more
2022 was yet another eventful year in terms of GDPR compliance. The continued evolution of the enforcement landscape, with increasing number of sanctions and individuals exercising their rights required time and attention...more
The Gramm-Leach-Bliley Act (GLBA) is typically referred to in the context of financial institutions. It requires offerers of consumer financial products to explain how they share information and protect sensitive data. It’s...more
FTC Is Tracking Twitter Developments With “Deep Concern” - Elon Musk’s recent purchase of Twitter has led to numerous resignations in the security department. Most recently, Twitter’s chief information security officer,...more
Deadline to adopt EU Standard Contractual Clauses - Many organizations uses the European Union’s Standard Contractual Clauses (SCCs) to govern their transfers of personal data from the European Economic Area (EEA) to other...more
1. Introduction- China’s cross-border data transfer rules are unfolding in real time and taking clearer shape. On July 7, 2022, China’s cybersecurity regulatory agency, the Cyberspace Administration of China (“CAC”), issued...more
When the California Consumer Privacy Act of 2018 (CCPA) became law, it was only a matter of time before other states adopted their own statutes intending to enhance privacy rights and consumer protection for their residents. ...more
Keypoint: The CPRA, CPA and VCDPA require data protection assessments for certain processing activities; however, when and how entities must conduct and prepare assessments varies....more
On 28 January 2022 (Data Protection Day), the UK’s International Data Transfer Agreement (“IDTA”) and International Data Transfer Addendum to the European Commission’s Standard Contractual Clauses (the “EU Addendum”) were...more