Your Guide to Dealing with Subpoenas Effectively
The Future of Supply Chains: Chris Andrassy on Using AI to Predict & Prevent Disruptions
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans — Employee Benefits and Executive Compensation Podcast
Podcast: Addressing Patient Complaints About Privacy Violations
London Partner Roberta Downey Wired for Disputes: Tech, Infrastructure, and the New Frontier of Risk
Compliance Amidst a Global Consensus Breakdown
Safeguarding Your Business Data
(Podcast) The Briefing: When a TikTok Costs You $150,000 - Copyright Pitfalls in Influencer Marketing
New Executive Order Targets Disparate Impact Claims Nationwide - #WorkforceWednesday® - Employment Law This Week®
Compliance into the Weeds: Of Wal-Mart, Tariffs and Stakeholder Capitalism
Daily Compliance News: May 21, 2025, The I Want You Back Edition
Hot Topics in International Trade Terrified by Tariffs Braumiller Law
Tariffs and Trade Series: What Boards of Directors Need to Know
False Claims Act Insights - How Payment Suspensions Can Impact FCA Litigation
Harnessing AI in Litigation: Techniques, Opportunities, and Risks – Speaking of Litigation Video Podcast
Upping Your Game: Episode 3 - Embedded Compliance: From Gatekeeper to Business Enabler
Strategies for Business Resilience in Uncertain Times
Innovation in Compliance: Staying the Course in Compliance: Insights from Kristy Grant-Hart
Daily Compliance News: May 20, 2025, The What Could Go Wrong Edition
Compliance Tip of the Day: Design Objectives for Compliance Training
Last month, the federal government announced a major overhaul of the Federal Risk and Authorization Management Program (“FedRAMP”) called “FedRAMP 20x”. FedRAMP 20x is moving forward fast – with new authorizations, community...more
As cyberattacks and cybercriminals are becoming increasingly sophisticated, safeguarding employee benefit plans, including health and welfare plans, is crucial. The Employee Benefits Security Administration of the U.S....more
On April 11, the Department of Justice's National Security Division (NSD) published new guidance on recent measures to restrict the ability of adversarial foreign governments and other foreign entities of concern to access...more
The new Department of Justice (DOJ) Data Security Program (DSP) took effect on April 8....more
On January 8, 2025, the U.S. Department of Justice (“DOJ”) issued its final rule to implement Executive Order 14117 aimed at preventing access to Americans' bulk sensitive personal data and government-related data by...more
On April 11, 2025, the National Security Division (NSD) of the Department of Justice issued a press release (Press Release) that outlines its approach to implementing and enforcing the DOJ’s recent final rule on “Preventing...more
WHAT: FedRAMP has announced that it will be working on a new framework for authorization and assessment of cloud services for federal consumption, calling the initiative “FedRAMP 20X” (announcement here). In response to...more
Over the last few years, the Federal Risk and Authorization Management Program (“FedRAMP”) Program Management Office (“PMO”) has released two draft guidance documents related to defining the applicable boundary for security...more
The UK National Cyber Security Centre (NCSC) published its guidance on shadow IT on 27 July 2023. ‘Shadow IT’ are unknown assets that are used within an organisation for business purposes (including in certain cloud...more
On August 30, 2022, the Hong Kong Privacy Commissioner for Personal Data (the “PCPD”) released a guidance note (the “Guidance Note”) on data security measures for information and communications technology to provide...more
Key Takeaways: ..On August 13, 2021, FINRA issued Regulatory Notice 21-29 (“RN 21-29”) to remind member firms that they must establish and maintain an adequate supervisory system, including written supervisory procedures...more
SDNY Rejects Standing under “Increased Risk” Theory Where Data Not Targeted or Stolen - The Southern District of New York rejected a settlement that would have resolved a class action based on the unauthorized (and...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
The Commission's "new" cybersecurity guidance largely rehashes existing guidance, as is highlighted by objections from two commissioners. At most, the additional qualitative guidance is incremental. It reiterates the need to...more
In February 2018 the SEC outlined its views with respect to cybersecurity disclosure requirements under the federal securities laws as they apply to public reporting companies. Set forth below is a checklist of items included...more
DNV GL recently issued a new globally applicable recommended practice (DNLVGL-RP-G108) to assist oil and gas operators, system integrators and managers, and vendors in the offshore industry to manage increasing cybersecurity...more
The European Data Protection Supervisor (“EDPS”) Giovanni Buttarelli issued a guidance document on data security and risk management for the E.U. institutions (such as the European Parliament, the European Council, and the...more
Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more