Driven by Data: Auto Finance Trends Uncovered - Moving the Metal: The Auto Finance Podcast
AGG Talks: Cross-Border Business Podcast - Episode 28: How Life Sciences Companies Can Create a Culture of Compliance When Expanding to the U.S. Market
Mistakes Lawyers Should Avoid When Moving into Compliance
Beyond the Bylaws: The Medical Staff Show | The Role of Bylaws in Medical Staff Governance, Part II
Compliance Tip of the Day – AI and Behavioral Analytics
Daily Compliance News: April 30, 2025, The 4 AM Wake-Up Call Edition
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
Key Discovery Points: Don’t Rush in as an AI Fool!
Upping Your Game: Episode 1 – Meeting Hui Chen’s Challenge
SBR – Author’s Podcast: Understanding Complexity with Dr. Jean Boulton, Part 1: Ethics, Compliance, and Organizational Dynamics
Innovation in Compliance: Exploring the Fractional COO Model with La Tonya Roberts
Daily Compliance News: April 29, 2025, The GenZ/RTO Edition
Adventures in Compliance: The Novels – A Study in Scarlet, Introduction to Compliance Lessons
FCPA Compliance Report: From Compliance to Commercial Value: Removing Friction with AI
Compliance Tip Of the Day: Using AI to Transform Whistleblower Response
Because That’s What Heroes Do: Deep Space 9 – Episode 30: Deep Trek Themes from Tacking into the Wind
Compliance Tip of the Day: The Future of Continuous Monitoring
FCPA Compliance Report: Ellen Hunt on Compliance ROI and on a Due Diligence and the US Sentencing Guidelines
Compliance and AI: Transforming Compliance Through AI with Marcelo Erthal
Breaking Down the Shifting Vaccine Policy Landscape – Diagnosing Health Care Video Podcast
The vast majority of commentary and public advice concerning data breaches surround, deservedly, the breach itself. This focus is only natural; it is the breach itself that requires victims to bring enormous resources to bear...more
Since the full implementation of Thailand’s Personal Data Protection Act (PDPA) in June 2022, the Personal Data Protection Committee (PDPC) has been instrumental in shaping the nation’s data protection framework. ...more
With 2025 barely three weeks old, the US Department of Health and Human Services Office for Civil Rights (OCR) has already announced six enforcement actions for the new year. Particularly significant is the advancement of...more
As the year comes to a close here are some of the highlights from the Workplace Privacy, Data Management & Security Report with our most popular topics and posts from 2024. Expanding State Privacy Laws- This year saw a...more
New York’s Cybersecurity Regulation continues its phased roll-out on November 1, when licensed financial services companies face a host of new requirements aimed at bolstering breach readiness and improving their ability to...more
On June 24, 2024, the U.S. Securities and Exchange Commission (SEC) published five new Form 8-K Compliance and Disclosure Interpretations (C&DIs) expanding the agency’s interpretations of cybersecurity incident disclosures...more
CDK Global, a key provider of cloud-based software for auto dealerships, suffered a severe ransomware attack this week, disrupting operations for thousands of dealerships across North America. The attack has crippled vital...more
This is a deceptively simple question — risk managers rightfully expect to know the scope of their coverages when they build their insurance programs. Unfortunately, judicial interpretation of common policy terms can turn...more
Publications and Advisories - November 13, 2023 – Kathleen Benway, Kate Hanniford, Amy Mushahwar, Kim Peretti, and Lance Taubin published “Privacy, Cyber & Data Strategy Advisory: FTC Approved New Data Breach Notification...more
Data breach class actions continue to rise, following almost inevitably from nearly every major security incident. Here are seven things in-house counsel can do to prepare for that anticipated litigation....more
A bipartisan coalition of 33 AGs settled with health care clearinghouse Inmediata Health Group, LLC and an affiliated entity (collectively, Inmediata) to resolve allegations that Inmediata violated state consumer protection...more
Most human resources professionals are concerned about the privacy and security of the vast amounts of personal information they manage. This article discusses steps to consider taking against the challenges. Deluge of...more
GoodRx Faces Million Dollar Proposed Penalty from FTC in First Enforcement Action Under the Health Breach Notification Rule - Settlement reveals views on application of unfairness authority to sharing of sensitive...more
The Office of Civil Rights (OCR) at the U.S. Department of Health and Human Services (HHS) recently submitted two annual reports to Congress setting forth a summary of complaints and breaches reported to the OCR during...more
The Federal Trade Commission has issued new guidance under which consumers or companies should be notified of data breaches “regardless of whether a breach notification law applies.” Our Consumer Protection/FTC Team analyzes...more
Healthcare companies continue to face increased risks of ransomware attacks on their operations. According to the recently released BD Cybersecurity Annual Report for 2021, such attacks are also increasingly sophisticated....more
On October 27, 2021 the FTC issued a final rule (the “Final Rule”) amending 16 CFR Part 134, Standards for Safeguarding Customer Information (“Safeguards Rule”), after a period of notice and comment. While the existing...more
On 16 December 2020, the EU released its proposed revisions to the existing Directive 2016/1148 on the security of network and information systems (NIS2)....more
On November 27, 2019 the U.S. Department of Health & Human Services Office for Civil Rights (OCR) announced a $2.175 million dollar settlement with a hospital system to resolve alleged violations of HIPAA’s Breach...more
In our last article, we showed you how to evaluate where your organization sits on the landscape of readiness and preparedness. In this concluding article, we identify concrete steps you can immediately employ to move your...more
From the recent headline-grabbing attacks on hospitals and municipalities, the specter of cybersecurity threats looms large. As a result, spending on cybersecurity initiatives is expected to reach $96 billion this year....more
The health care industry is racing to adopt cutting-edge technology to provide patients with the best treatment possible at the lowest possible cost. ...more
This Friday is the deadline for General Data Protection Regulation (“GDPR”), yet many companies are still in the process of planning for compliance. Companies not able to meet the deadline may want to consider,...more
Worldwide, companies are scrambling to meet the May 25th deadline to comply with the European Union’s General Data Protection Regulation (GDPR). For companies with physical operations in an EU member state, this deadline is...more
Personal data is currency in the new world, and while the United States uses a sectoral approach to data privacy, the European Union (EU) treats privacy as a fundamental right of its citizens. Therefore, where U.S....more