Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Preparing for a Government Healthcare Audit
Tackling Credit Push Fraud: Understanding Nacha's Risk Management Package (Part Two) — Payments Pros: The Payments Law Podcast
Compliance into The Weeds: The Complexity of Risk Assessments
Behavioral Health Compliance
The Importance of Assessment Areas
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Taking a Behavioral Approach to Compliance
Episode 291 -- Interview of Mary Shirley on Her New Compliance Book
ChatGPT Risks for Compliance Programs
Season 2 Episode 3 - The Role of Ethics and Compliance Programs in International Business
In the Boardroom With Resnick and Fuller - Episode 4
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
"Board-er" Patrol in Privacy and Cyberattacks - Unauthorized Access Podcast
In this blog post, we will focus on obligations that the European Union’s Artificial Intelligence Act (AI Act) sets for deployers, providers, importers and distributors regarding high-risk AI systems....more
With under six months to go until the European Union Digital Operational Resilience Act (DORA) becomes applicable on 17 January 2025, DORA implementation projects are running full steam ahead. DORA lays down uniform...more
Share on Twitter Print Share by Email Share Back to top “The basic idea for covered firms is if you’ve got a breach, then you’ve got to notify. That’s good for investors.” Those were among the remarks that U.S. Securities and...more
Generative artificial intelligence (“GAI”) has the potential to revolutionize efficiency and productivity in our day-to-day working lives. But while this technology is becoming more sophisticated by the day, companies should...more
Examining AI tools: Before deciding to purchase and implement AI tools in an organization, one must consider various aspects, including privacy issues, discrimination, copyright protection, and suppliers and contracts. The...more
On December 19, 2023, the Federal Trade Commission (FTC) announced an enforcement action against the retail pharmacy Rite Aid for unfair practices associated with its use of a facial recognition technology (FRT) surveillance...more
A major amendment to the New York State Department of Financial Services' cybersecurity regulations establishes affirmative cybersecurity oversight duties and requires companies to report extortion payments to the agency....more
Most people know what a deepfake is but have not put much thought into how it could affect business operations. Deepfakes are videos, pictures, or audio that have been convincingly manipulated to misrepresent a person saying...more
Join members of McDermott’s Global Privacy & Cybersecurity team and Alan Gutierrez-Arana of Mazars for the next installment in our PCI DSS 4.0 series. PCI DSS 4.0 brings major changes to payments with an increased focus on...more
Last year, the Payment Card Industry Security Standards Council released version 4.0 of its Data Security Standard (PCI DSS 4.0). The new version, which brings major changes to the payments ecosystem and compliance...more
On March 9, 2022, the U.S. Securities Exchange Commission (the Commission) announced proposed amendments to its rules regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies...more
Banking regulators across the world often engage proactively with their chartered banks to provide guidance about their priorities. They want feedback, comment, and input about issues that may need addressing. This helps...more
On October 27, 2021, the Federal Trade Commission (FTC) announced a newly updated rule under the Gramm-Leach-Bliley Act (GLBA) intended to require financial institutions to strengthen their data security safeguards to protect...more
We recently dove into what vendor risk and vendor risk management entails. Once you understand that this is the risk that results from vendors, it’s simple to extend this and establish that vendor risk assessment (VRA), or...more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
Court Rules that Debt Collector Violated FDCPA with Communication to Dunning Vendor - A federal appellate court has recently ruled that a debt collector violated certain privacy requirements under the federal Fair Debt...more
Earlier this month, the U.S. Department of Labor (the “DOL”) issued informal guidance outlining “best practices” for managing the cybersecurity risks facing employer-sponsored retirement plans. Although the DOL has...more
On April 14, 2021, the U.S. Department of Labor (DOL) released three-part guidance on cybersecurity issues for employee benefit plans, marking its first significant commentary on the issue since its comprehensive but...more
As businesses continue to globalize, so does the demand for global data in litigations, regulatory matters, and internal investigations. When thinking about eDiscovery from a global perspective, one size does not necessarily...more
Keypoint: New York’s Division of Financial Services (DFS) now requires Property and Casualty Insurers writing cyber insurance to comply with the Division’s Cyber Insurance Risk Framework to manage their risk. In her...more
The Federal Trade Commission (FTC) recently entered into an enforcement action with an analytics company for breaching the FTC's Safeguards Rule issued pursuant to the Gramm-Leach-Bliley Act (GLBA) by failing to properly vet...more
A wide variety of business and consumer platforms host mutually beneficial ecosystems. But these ecosystems are also fraught with antitrust risk that arises when platforms try to terminate or modify the terms of third-party...more
The Occupational Health and Safety Act (the OHS) was signed into law in 1970 and established the Occupational Health and Safety Administration (OSHA), as part of the U.S. Department of Labor. Under the so-called "general...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
White & Case Technology Newsflash - Every industry is at a critical juncture in evaluating how to successfully continue business operations in a period of unprecedented disruption. We have received a number of inquiries...more