Legal AI in Practice: Firm Governance, Build vs. Buy Decisions, and Vendor Due Diligence — The Good Bot Podcast
Point-of-Sale Finance Series: Understanding State Licensing for Nonbank Providers — The Consumer Finance Podcast
(Podcast) The Briefing - Studios Beware: The Danger of the Beauty and the Beast Copyright Decision
Innovation in Compliance: Brad Stevens: Part 1 - Transforming Outsource Perceptions
Podcast — EU Data Act: Spotlight on Switching Requirements for Data Processing Services
Compliance into the Weeds: Fracht - The Bonkers Sanctions Case
DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
On February 3, the U.S. Department of Health and Human Services Office of Inspector General (OIG) issued new Medicare Advantage Industry Segment-Specific Compliance Program Guidance (MA ICPG) for the MA industry and...more
On February 3, 2026, the U.S. Department of Health & Human Services, Office of Inspector General (OIG), published the long-awaited Medicare Advantage Industry Segment-Specific Compliance Program Guidance (Medicare Advantage...more
The Committee believes that the financial services regulators are not doing enough to manage the risks presented by AI....more
The compliance industry appears to be taken over by AI-this and AI-that. Third party risk bleeds into major AI risks, corporate governance needs to incorporate AI risks, and policies and procedures have to incorporate AI...more
Property and casualty insurers manage high volumes of regulated, document-driven communications, including policies, endorsements, billing statements, and legally required notices, that must be produced and delivered...more
Cybersecurity and data privacy provisions should be a central consideration whenever parties negotiate contracts involving third‑party service providers who will access or process business data. This applies across a broad...more
On November 17, 2025, Ontario’s Information and Privacy Commissioner (ON IPC) and Alberta’s Office of the Information and Privacy Commissioner (AB OIPC) each released their findings from their investigations into a...more
Cyber law and practice have continued to evolve over the past 12 months. New laws and regulations have been unveiled or come into force, while enforcement authorities have sharpened their focus on issues including board...more
Here are the five primary risk areas when a company uses AI in a supportive or assistance-based role as opposed to an algorithmic-based use case....more
From my perspective, hopefully a reasonable one, there is a little too much AI-Risk Hype. Not to belittle the experts or ignore potential risk concerns but this is getting a little carried away....more
The National Institute of Standards and Technology (NIST) recently released their initial preliminary draft of NIST IR 8596, also known as the Cybersecurity Framework Profile for Artificial Intelligence. This new...more
WHAT: The FedRAMP Program Management Office (PMO) has released a “final set” of proposed changes to the FedRAMP process for authorizing and assessing the security of cloud services for federal consumption. The final proposed...more
As demand for data-intensive and AI-driven workloads continues to grow, customers are increasingly encountering constraints on cloud compute resources—particularly specialized processors and region-specific capacity. These...more
Cloud computing has been sold as elastic, on-demand access to virtually unlimited resources. However, the rapid growth of data-intensive and artificial intelligence–driven workloads has strained the availability of certain...more
Ransomware attacks continue to evolve in sophistication, disrupting operations and commanding the urgent attention of regulators, law enforcement and government agencies....more
While often described as a hybrid of Software‑as‑a‑Service (SaaS) and Business Process Outsourcing (BPO), Business-Process-as-a-Service (BPaaS) is far more than the sum of its parts. It represents a strategic shift toward...more
As organizations increasingly rely on third-party service providers (TPSPs) for critical services, including cloud computing, IT management, and fintech solutions, the scale and complexity of cyber risks have grown. A recent...more
The New York Department of Financial Services (“NYDFS”) implemented the final phases of amendments to its NYDFS Cybersecurity Regulation (23 NYCRR Part 500) in May and November....more
Recently, the NCUA published a list of resources aimed toward guiding credit unions implementing AI or partnering with AI third-party vendors. The publication noted that while AI presented significant opportunities for...more
As we have discussed in prior posts, AI-enabled smart glasses are rapidly evolving from niche wearables into powerful tools with broad workplace appeal — but their innovative capabilities bring equally significant legal and...more
In this episode of The Good Bot, Brett Mason sits down with Leigh Zeiser, director of AI and automation at Troutman Pepper Locke, to unpack how the firm operationalizes AI responsibly. They discuss the firm's AI portfolio —...more
Artificial intelligence has quickly shifted from an innovative experiment to a core operational tool across industries. As business teams explore new AI service providers—ranging from automated analytics engines to...more
Recent draft cybersecurity guidance from the National Institute of Standards and Technology (NIST) provides an opportunity for government contractors who provide IT services to federal agencies to weigh in on implementation...more
With the news that over 70% of S&P 500 companies provide some sort of AI-related risk factors in their SEC disclosures, it’s a good time to review the type of risk factors that you might want to consider – of course,...more
Proactive planning and governance from both clients and vendors are essential to manage software sunsetting effectively....more