The Classification of Gasoline & Gasoline Fumes as a Carcinogen: Considerations for Corporate Executives & Attorneys
Understanding the DOJ's Recent Corporate Enforcement Policy Changes
The Trend of Threatening Physicians for Personal Gain
Hiring Smarter: Best Practices for Interviews: What's the Tea in L&E?
Workplace ICE Raids Are Surging—Here’s How Employers Can Prepare - #WorkforceWednesday® - Employment Law This Week®
Crafting Effective Flexible Leave Policies for Employers
Episode 373 -- Christian Focacci on Current Developments in AI and Risk Management
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
Work This Way: A Labor & Employment Law Podcast | Episode 48: Opportunities & Risks with Artificial Intelligence in HR with Chingwei Shieh of GE Power
Handling References and Referrals While Safeguarding Your Business
Everything Compliance: Shout Outs and Rants - Episode 155
Daily Compliance News: June 10, 2025, The Ruinous Burdens Edition
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Daily Compliance News: June 9, 2025, The Repugnant Edition
Adventures in Compliance: The Novels: The Sign of Four – Applying Sherlock Holmes’ Methods to Modern Corporate Compliance
Sunday Book Review: June 8, 2025, The Books on AI Governance Edition
Compliance Tip of the Day: Internal Controls for Third Parties
Daily Compliance News: June 6, 2025, The Good Punishment Edition
Daily Compliance News: June 5, 2025, The Asset Cap Lifted Edition
On January 28, 2025, FINRA published its annual regulatory oversight report for 2025 (Report), which highlights observations and findings from FINRA’s oversight programs. The Report covers 24 topics, and for each topic it...more
On January 13, 2025, the Securities and Exchange Commission (“SEC”) filed a settled enforcement action against Ashford Inc. (“Ashford” or “the Company”), a company that provides products and services to the real estate and...more
Glass Lewis, one of the leading proxy advisory firms, recently updated its policy guidelines for 2025 to include recommendations regarding board oversight of AI. In the new guidelines, Glass Lewis emphasizes the importance of...more
Tomorrow is International Data Privacy Day, so a happy day to all! More seriously, data privacy concerns and legislation continue to rapidly increase. It has been estimated that by the end of 2024 more than 75 percent of...more
Welcome to our sixth volume and first issue of 2025 of Decoded - our technology law insights e-newsletter. We have been publishing for six years and could not continue without our committed readers and your insights....more
By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more
The U.S. District Court for the Southern District of New York dismissed the majority of claims that the Security and Exchange Commission ("SEC") asserted against SolarWinds, including claims that the company's alleged...more
On June 24, the staff of the U.S. Securities and Exchange Commission's (SEC) Division of Corporation Finance (Division of Corporation Finance) released five new Compliance & Disclosure Interpretations (C&DIs) relating to the...more
The SEC has been aggressively pursuing cybersecurity investigations and enforcement actions against public companies and foreign private issuers. In these actions, the SEC often alleges one of two theories: 1) that the...more
The US Government Is Using AI To Detect Potential Wrongdoing, and Companies Should Too With agencies such as the SEC and DOJ using AI and other data analytics tools extensively to detect wrongdoing, companies need to adopt...more
The U.S. Securities and Exchange Commission (SEC) adopted final rules in 2023 that are intended to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance and incident reporting by...more
REGULATORY ISSUES & UPDATES - Mandatory Climate Change Reporting Requirements Under the New European ESRS E1 - The implementation of the European Sustainability Reporting Standards poses risks for reporting companies,...more
Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more
The Securities and Exchange Commission (“SEC”) adopted new rules requiring the disclosure of cybersecurity risk management, strategy, governance and material incidents (the “Rules”), effective September 5, 2023. The Rules...more
The Securities and Exchange Commission (“SEC”) adopted the final rules (the “Final Rules”) on July 26, 2023 that will require disclosure of material cybersecurity incidents, cybersecurity risk management, strategy, and...more
Data governance is a mission-critical issue for every company and institution in the United States. GCs face a host of pressing cybersecurity concerns. Triaging them requires time, attention, and a well-rounded strategy...more
After an extensive comment period, the SEC announced on July 26 that it was formally adopting new rules for public companies governing cybersecurity disclosures. The rules had generated significant backlash from public...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted new rules requiring public companies to disclose within four business days material cybersecurity incidents they experience and to disclose annually...more
The SEC has recently voted on new rules that will require companies to disclose material cybersecurity incidents within four days and to make disclosures about their broad cybersecurity risks in their annual report. Tom Fox...more
On July 26, a divided SEC adopted a final rule outlining disclosure requirements for publicly traded companies in the event of a material cybersecurity incident. ...more
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies. The rules, which will become effective thirty days after publication in...more
On July 26, the Securities and Exchange Commission adopted a new rule regarding cybersecurity risk management, strategy, governance, and incident disclosure. The “Cybersecurity Incident Disclosure Rule” will be applicable to...more
Come December 2023, public companies will have a very narrow window to report cybersecurity incidents that materially affect their companies. Companies will also have to report annually how they assess and manage...more
The SEC adopted final rules requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their cybersecurity risk management, strategy,...more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more