Beyond the Bylaws: The Medical Staff Show | The Role of Bylaws in Medical Staff Governance, Part II
Compliance Tip of the Day – AI and Behavioral Analytics
Daily Compliance News: April 30, 2025, The 4 AM Wake-Up Call Edition
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
Key Discovery Points: Don’t Rush in as an AI Fool!
Upping Your Game: Episode 1 – Meeting Hui Chen’s Challenge
SBR – Author’s Podcast: Understanding Complexity with Dr. Jean Boulton, Part 1: Ethics, Compliance, and Organizational Dynamics
Innovation in Compliance: Exploring the Fractional COO Model with La Tonya Roberts
Daily Compliance News: April 29, 2025, The GenZ/RTO Edition
Adventures in Compliance: The Novels – A Study in Scarlet, Introduction to Compliance Lessons
FCPA Compliance Report: From Compliance to Commercial Value: Removing Friction with AI
Compliance Tip Of the Day: Using AI to Transform Whistleblower Response
Because That’s What Heroes Do: Deep Space 9 – Episode 30: Deep Trek Themes from Tacking into the Wind
Compliance Tip of the Day: The Future of Continuous Monitoring
FCPA Compliance Report: Ellen Hunt on Compliance ROI and on a Due Diligence and the US Sentencing Guidelines
Compliance and AI: Transforming Compliance Through AI with Marcelo Erthal
Breaking Down the Shifting Vaccine Policy Landscape – Diagnosing Health Care Video Podcast
Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Innovation in Compliance: Design-Centric Compliance Training with Karen Oddo
On April 11, North Dakota enacted HB 1127, overhauling its regulatory framework for financial institutions and nonbank financial service providers. The law amends multiple chapters of the North Dakota Century Code and creates...more
As if legal and compliance professionals had enough responsibilities on their plates, DOJ dropped another shoe (to join the tariffs, sanctions and export controls, and immigration issues) and upped the stakes for ethics and...more
The Financial Stability Board (FSB) has published its finalised Format for Incident Reporting Exchange (FIRE), together with a press release and updated webpage. FIRE provides a standardised format for financial institutions...more
On April 3, 2025, the New York State Department of Financial Services (“DFS”) issued reminders about upcoming implementation and reporting deadlines related to its cybersecurity regulations. Upcoming deadlines require...more
Covered entities regulated by the New York State Department of Financial Services (NYDFS) must submit cybersecurity compliance forms by April 15, 2025. New sets of requirements for system monitoring and access privileges,...more
Artificial Intelligence (AI) has been touted as the answer to a multitude of business challenges. However, AI – along with machine learning and large language models (LLMs) – is still fraught with technical and regulatory...more
As we previously reported, in 2023 the New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500). As of November 1, 2024, Class A Companies and Covered Entities...more
Two delegated acts were published in the Official Journal of the European Union (OJ) in respect of the EU Digital Operational Resilience Act (DORA). These are: - Commission Delegated Regulation (EU) 2025/301, which comprises...more
We explore what trustees need to be aware of when dealing with data and complying with their obligations under the Data Protection (Bailiwick of Guernsey) Law, 2017 and related legislation (the "DP Law")....more
On January 28, FINRA published its 2025 FINRA Regulatory Oversight Report, which highlights areas identifying compliance gaps and observing emerging risks. The report introduced new topics such as the third-party risk...more
The European Supervisory Authorities have published a joint report on the feasibility of further centralization of the reporting of major ICT-related incidents by financial entities to competent authorities. The ESAs' joint...more
Regulation (EU) 2022/2554 on digital operational resilience for the financial sector (“DORA”), which establishes a uniform set of requirements relating to the security of network and information systems supporting financial...more
As of January 23, 2025, the regulation discussed below has not been withdrawn by the Trump administration and is not subject to automatic withdrawal under President Trump’s Executive Order freezing regulations. It currently...more
New York State Governor Hochul recently gave us a “pre” New Year’s gift: effective on December 21, 2024, any individuals or businesses possessing the “private information” of New Yorkers must notify them, and certain state...more
DORA is now applicable, imposing requirements in respect of ICT risk management and digital operational resilience. Firms should be preparing their register of information ready for sharing with the CBI in April....more
On 29 November 2024, the Australian Senate passed the Privacy and Other Legislation Amendment Bill 2024 (Cth) (the Privacy Act Bill). This follows the passage of the Cyber Security Act 2024 (Cth), and other cyber-security...more
As cybersecurity rules proliferate, companies must navigate a maze of new, and often overlapping, proactive and reactive cybersecurity requirements and guidance. This Legal Update surveys new cybersecurity rules and...more
The New York Department of Financial Services has modified its cybersecurity requirements for regulated entities. These requirements are in addition to those included in the regulations as last updated in November of last...more
It has been a busy month for cyber and privacy regulation in Australia. On the heels of the proposed amendments to the Privacy Act 1988 released just under a month ago, three further draft Bills relating to cyber security...more
The growth in partnerships between banks and Fintech companies through Banking as a Service (BaaS) models presents significant opportunities for innovation across the financial services sector. However, these collaborations...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
Threat actors are evolving. Our Privacy, Cyber & Data Strategy Team explains how ransomware gangs have changed their tactics and how companies can respond to the threat while navigating new scrutiny from investors and...more
Amidst the relentless waves of pandemic-induced uncertainty, organizations found themselves at a crossroads, compelled to reimagine how their businesses operated. For example, when stay at home orders continued to be extended...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more