Treating Compliance Like an Asset
When DEI Meets the FCA: What Employers Need to Know About the DOJ’s Civil Rights Fraud Initiative
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 241: Fighting Nurse Burnout with Data-Driven Innovation with Dr. Ecoee Rooney of Indicator Sciences
Compliance Tip of the Day: Assessing Internal Controls
Daily Compliance News: July 7, 2025 the Disaster on the River Edition
Multijurisdictional Employers, P2: 2025 State-by-State Updates on Non-Compete/Non-Solicitation Agts
10 For 10: Top Compliance Stories For the Week Ending June 28, 2025
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Episode 30 - Inaugural Episode with Ian Sherr: Compliance Week’s Insights and Reflections from June to July 2025
How International Companies Can Prepare for July 9 Tariffs
The Dark Patterns Behind Corporate Scandals
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Daily Compliance News: June 26, 2025, The? Matt Galvin Honored Edition
Current Regulatory, Legislative, and Litigation Developments on ADA Website Accessibility for Consumer Finance Digital Platforms — The Consumer Finance Podcast
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance into the Weeds: Boeing’s New Safety Initiatives and Compliance Reforms
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Legal Shifts in 2025 Put Employer Non-Compete Strategies at Risk - Employment Law This Week® - Spilling Secrets Podcast
Summer Strategies for Work Success
With the seemingly never-ending updates to B2B contracts for compliance with new (and amended) comprehensive state privacy laws, the U.S. Department of Justice’s bulk data transfer rule, and artificial intelligence (AI)...more
On July 10, 2025, the EU published its Code of Practice for General-Purpose AI Models, a comprehensive, though not exhaustive, framework designed to guide Artificial Intelligence ("AI") providers in complying with the...more
Le 18 juin 2025, le ministre de la Sécurité publique a déposé le projet de loi C-8, Loi concernant la cybersécurité, modifiant la Loi sur les télécommunications et apportant des modifications corrélatives à d’autres lois (le...more
The dramatic increase in global reach that the internet provides U.S.-based companies comes as a double edge sword. While it significantly increases a company’s potential customer pool, it also subjects companies to...more
The European Banking Authority (EBA) has published its spring 2025 risk assessment report alongside a press release, outlining key developments and emerging risks within the European Union/European Economic Area (EU/EEA). The...more
On 25 June 2025, the European Commission announced its proposal for a “Space Act” that would introduce a new regulatory framework for EU space activities. The proposed framework includes cyber-resilience obligations for EU...more
In 2023, a data center experienced a complete power loss during a scheduled electrical grid maintenance. Less than five months later, that same facility faced another major power outage. However, this time the impact was...more
The American Water Works Association (“AWWA”) announced the release of its 2025 State of the Water Industry Report (“Report”). AWWA describes itself as the: …largest nonprofit, scientific and educational association...more
European cybersecurity risk management and reporting obligations have received a substantial facelift. The Directive (EU) 2022/2555 on measures for a high common level of cybersecurity across the EU (“NIS 2”) became effective...more
The NIS2 Directive has significantly reshaped the cybersecurity landscape across the EU. Since the implementation deadline in October 2024, EU Member States have been working to incorporate new standards into their national...more
Earlier this year, North Dakota’s Governor signed HB 1127, which introduces new compliance obligations for financial corporations operating in North Dakota. This new law will take effect on August 1, 2025....more
The U.S. Food and Drug Administration (FDA) recently finalized its March 2024 select updates to its guidance "Cybersecurity in Medical Devices: Quality System Considerations and Content of Premarket Submissions” (“Premarket...more
On June 26, FERC approved a new reliability standard (CIP-015-1) proposed by the North American Electric Reliability Corporation ("NERC") to enhance cybersecurity of the nation's bulk electric system ("BES"). In a related...more
The FDA has finalized its guidance on cybersecurity for medical device premarket submissions, providing additional insight into the agency’s expectations for how manufacturers integrate cybersecurity risk management into...more
The Delegated Regulation, which contains regulatory technical standards (RTS) on threat-led penetration testing (TLPT) requirements under the EU Digital Operational Resilience Act (DORA), was recently published in the...more
Overview - On June 23, 2025, the New York State Department of Financial Services (“NYDFS”) issued an industry letter encouraging all regulated entities to review their cybersecurity and sanctions compliance programs in light...more
On June 23, the New York State Department of Financial Services (NYDFS) issued an industry letter to all regulated entities — banks, insurers, money transmitters, virtual currency companies, and others — cautioning that...more
Our Privacy, Cyber & Data Strategy Team discusses how to overcome five challenges companies face in the wake of a data security incident when reviewing impacted data to comply with legal obligations....more
Citing “escalating global conflict,” the New York Department of Financial Services issued an alert on Monday, June 22, 2025, to its regulated covered entities, urging them to be vigilant against potential security threats,...more
On June 18, 2025, the Minister of Public Safety introduced Bill C-8, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts (Bill C-8). If passed, Bill C-8...more
Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies,...more
If you're in risk management, you sit at the intersection of privacy, security and compliance. It's a juggling act, and data privacy is just one ball in the air. You're overworked and your tech stack doesn't play nice...more
Cybersecurity firm CSC recently issued its CISO Outlook 2025 Report, which predicts cybersecurity challenges CISOs will face in the next year. The report, from a survey of 300 CISOs and cybersecurity professionals globally,...more
Spring is a time of renewal, and the US Securities and Exchange Commission (SEC)–under its new chairman, Paul Atkins–has shown that. On 12 June 2025, the SEC withdrew 14 proposed rules impacting funds and asset managers,...more
On June 12, the Securities and Exchange Commission (SEC) formally withdrew 14 proposed rules for investment advisers, broker-dealers and public companies, many of which had been pending for several years. Should the SEC...more