DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
The Digital Operational Resilience Act 2022/2554 (DORA) is a European regulation that will come into force on January 17, 2025. The regulation aims to strengthen the digital operational resilience of the financial sector...more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
Keypoint: The New York Department of Financial Services (NYDFS) circulated an industry letter offering guidance to NYDFS “Covered Entities” for assessing and managing AI-related cybersecurity risks, including threats...more
Lessons Learned and Best Practices for Seamless Automation - Implementation Automation has become the right-hand resource for many businesses looking to drive greater efficiency and get time back to focus on business...more
After investing in a contract lifecycle management (CLM) system, many organizations realize that getting a return on investment can be challenging, or worse, never realized. The most common mistake is thinking that all it...more
A few weeks ago, on 24 September 2023, the Data Governance Act (Regulation (EU) 2022/868 of the European Parliament and of the Council of 30 May 2022 on European data governance) (“DGA”) came into force. The DGA aims to...more
On July 5, an industry-led working group convened by the UK’s financial regulator published a draft voluntary code of conduct for ESG data and ratings providers (the Code). The Code would apply to all companies based in the...more
The Department of Labor recently issued cybersecurity guidance to retirement plans. The department’s Employee Benefits Security Administration (EBSA) issued guidance in three areas: (1) hiring and working with vendors and...more
In December 2019, we published a blog post introducing open banking; here, we provide an update for 2020. To briefly summarize, open banking comprises a set of rules which permit third-party providers (TPPs) of financial...more
Among the many other hard lessons the COVID-19 pandemic has been teaching businesses, there’s this one: Vendor risk management has become even more complex than before. Frighteningly complex, in fact, making it even more...more
As accelerated underwriting (AU) and artificial intelligence (AI) begin to turn life underwriting upside down, several NAIC working groups are seeking to bring order to the disruption: the Big Data (EX) Working Group (“Big...more
The California Consumer Privacy Act (CCPA) went into effect January 1, 2020 and created several rights for California residents, including the game-changing right to opt-out of the sale of personal information. ...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more
The SEC, through its Office of Compliance Inspections and Examinations (“OCIE”), recently issued its most detailed cyber guidance to date. OCIE had previously issued several cybersecurity risk alerts over the past few years....more
“To err is human,” but in an industry as seemingly driven by precision as eDiscovery, errors are all too common. Yes, mistakes are going to happen. Which is why we can fall back on processes and procedures to ensure that even...more
To get prepared for the California Consumer Privacy Act (CCPA), get a grasp of the basic jargonese and terms involved. The CCPA will impact hundreds of thousands of businesses worldwide. In “A Glossary Guide to the CCPA”,...more
In a 2019 survey Littler conducted of over 1,300 in-house counsel, HR professionals and C-suite executives, more than 35% responded that their organization is using artificial intelligence (AI) in the recruiting and hiring...more
In another example of a data breach allegedly caused by a vendor, Choice Hotels is contacting approximately 700,000 of its customers regarding a data breach caused by a third-party vendor that “copied the impacted data from...more
Admittedly, I’m not the biggest sports buff. However, when I moved to Kansas City four years ago, what my family and I realized is that you can’t help not be a fan of the Royals, Chiefs, Jay Hawks, and Sporting! Everyone in...more
While your organization may not regularly be involved in costly or complicated litigation, there are instances in which it may nonetheless be required to identify, collect, and produce documents most likely in the form of...more