DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
The FCA, PRA, and Bank of England have published their finalised critical third party (CTP) rules (and accompanying guidance) in PS24/16 Operational resilience: Critical third parties to the UK financial sector....more
As more organizations across industry sectors store personal data with cloud storage vendors— including the three largest vendors in the world, Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform—federal...more
This blog post focuses on how the EU’s Artificial Intelligence Act (“AI Act”) regulates generative AI, which the AI Act refers to as General-Purpose AI (“GPAI”) Models....more
In the early morning hours of a random summer Friday in July, IT systems around the globe began to experience widespread crashes. Initial fears of a massive cyber or other malicious attack by a state-sponsored actor or...more
Since the release of OpenAI’s ChatGPT, the intense hype around large language models (LLMs) and complex AI systems has exploded. Organizations have rushed to both try and buy these new tools. Along with it, a flood of...more
China’s regulations aim to address risks related to artificial intelligence and introduce compliance obligations on entities engaged in AI-related business. This Client Alert discusses what technologies and entities are...more
A wide variety of business and consumer platforms host mutually beneficial ecosystems. But these ecosystems are also fraught with antitrust risk that arises when platforms try to terminate or modify the terms of third-party...more
The arrival of the California Consumer Privacy Act (CCPA) on January 1, 2020 brings steep risk for companies that collect information on California residents. In particular, and among other statutory penalties, a business...more
It’s your worst nightmare. All of your most important and sensitive data, the thing your business values most, the thing your company cannot operate without, the thing your regulators require you to protect, has been taken...more
The need to control risks associated with using third-party technology service providers was reemphasized by the FDIC for institutions with less than $1 billion in assets in a new financial institutions letter...more
In recent years, bank regulators have increased their efforts to require banks to appropriately handle third-party risk management. On April 2, the Federal Deposit Insurance Corporation (FDIC) issued a Financial Institution...more
On April 2, 2019, the FDIC issued Financial Institution Letter FIL-19-2019 (the “Letter”) to remind financial institutions about certain contractual provisions and other requirements pertaining to technology service provider...more
Tongue-in-cheek references to Pokémon Go as a health App aside, maybe the tech industry is on to something. In the U.S., seven out of every ten deaths are due to chronic diseases, such as diabetes or heart disease. Perhaps...more