DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
On April 8, 2025, a sweeping rule issued by the US Department of Justice (DOJ) will take effect. The rule imposes restrictions—and in some cases, outright prohibitions—on US companies in connection with certain types of data...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS) released guidance highlighting the cybersecurity risks associated with artificial intelligence (AI) and how covered entities regulated by NYDFS...more
We’ve previously written on the need for law firms to scrutinize the data security protections in place at all third-party vendors who have access to client confidential information. Clearly, that’s still good advice....more
Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more
The SEC continued its recent onslaught of proposed cybersecurity rules in mid-March with three new proposals covering a litany of entities, including investment advisers, broker-dealers, investment companies, clearing...more
The Black Shadow hacking group’s attack on Cyberserve, reported a few days ago, has resulted (at this point in time) in the leaking of a database with more than 800,000 records pertaining to various individuals and the...more
Consumers are more aware than ever of data privacy and security issues. As technology develops, vast quantities of data are collected on individuals every minute of every day. Customers trust their institutions to keep the...more
A new report released by Global Market Insights, Inc. last month estimates that the global market valuation for voice recognition technology will reach approximately $7 billion by 2026, in main part due to the surge of AI and...more
In December 2019, we published a blog post introducing open banking; here, we provide an update for 2020. To briefly summarize, open banking comprises a set of rules which permit third-party providers (TPPs) of financial...more
To get prepared for the California Consumer Privacy Act (CCPA), get a grasp of the basic jargonese and terms involved. The CCPA will impact hundreds of thousands of businesses worldwide. In “A Glossary Guide to the CCPA”,...more
The Office of the Privacy Commissioner of Canada (OPC)'s report, Personal Information Protection and Electronic Documents Act (PIPEDA) Report of Findings #2019-001, issued April 9, 2019, into the Equifax hack, created...more
On September 13, the final day of its legislative session, the California Legislature approved five amendments to the California Consumer Privacy Act (CCPA), the state’s sweeping new privacy law that takes effect on January...more
Data breaches continue to be an unfortunate risk that companies face with increasing frequency. In this podcast, Rebecca Bennett, Stephen Riga, and Justin Tarka discuss data breaches from both a U.S. and EU perspective,...more
What You Need to Know Now - • The new law takes effect January 1, 2020, but there’s a lot to do so you need to start work now. • The new law expands the definition of personal information and gives California consumers...more
• California recently passed the landmark California Consumer Privacy Act that goes into effect in 2020, which grants California residents new privacy rights. • The CCPA creates a private right of action for California...more
In case you had not heard, the European Union is replacing its current privacy laws with a new, comprehensive General Data Protection Regulation (GDPR), which takes effect May 25, 2018. The essential principles of the EU’s...more
Any entity processing personal data on your behalf (i.e., your vendors) must have a written contract in place. The GDPR requires specific language in your vendor contracts. Review steps 1–4 below to bring your vendor...more
Cybersecurity is a significant business risk for any organization that collects personal data. The greater the amount of personal data collected by an organization, the greater the risk that it will be targeted by...more
Retirement plan sponsors face ever-evolving cyber-related threats to plan assets and participant personal information. To combat such threats, plan sponsors should proactively assess the third-party service providers’ ability...more
The CFTC recently approved the National Futures Association’s interpretive notice (the “Cybersecurity Notice”) on the general requirements that members should implement for their information systems security programs...more