DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
Strategic sales teams know that speed and consistency aren’t just nice to have – they are essential. But when creative resources are stretched thin or siloed in marketing, sales enablement efforts can stall. The result?...more
No organization can eliminate data breach risks altogether, regardless of industry, size, or even if the organization has taken significant steps to safeguard their systems and train employees to avoid phishing attacks....more
Record retrieval is an integral part of any legal case, giving attorneys access to accurate and up-to-date information on which to base their arguments. Preparing records for a case or legal matter requires carefully...more
In the first part of this blog post, we looked into the OCR and FTC’s focus on third-party tracking technologies. We also reviewed the AHA Lawsuit and its impact for the use of tracking technologies. In this blog post, we...more
On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more
In the aftermath of a vendor's hack that crippled an industry, ensure your business is up to date on best practices for mitigating the risks of third-party cyber incidents. Many businesses struggle to adequately consider the...more
On April 24, the Federal Trade Commission announced that it had finalized changes to its Health Breach Notification Rule - to address emerging technologies. Specifically, the Rule was broadened to (1) apply to entities not...more
Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more
For decades, law firms have organized themselves into practice groups or fully specialized firms to marshal resources and expertise, increase efficiency, and develop strong relationships with companies in specific industries...more
Since the release of OpenAI’s ChatGPT, the intense hype around large language models (LLMs) and complex AI systems has exploded. Organizations have rushed to both try and buy these new tools. Along with it, a flood of...more
In the ever-evolving, intensely competitive corporate landscape, the quest for operational efficiency has given rise to a strategic model that’s reshaping the very fabric of business functions — outsourced administrative...more
Vendor procurement practices will continue to evolve in 2024 to reflect corporate AI risk management and governance policies. While companies are beginning to appreciate that vendor work product may be developed using AI...more
Over the last several years several companies, including Marriott, Yahoo and Volkswagen, have been victimized by hackers breaking into a company’s computer network. In some cases, they have put confidential information on the...more
Of the many worries on privacy compliance teams’ lists as we face the onslaught of state “general” privacy laws are the impacts they have on vendor contracts. Fortunately for those who have already had to deal with contracts...more
The Securities and Exchange Commission (SEC) proposes to amend Regulation Systems Compliance and Integrity (Reg SCI) to update and expand the regulatory oversight of the core technology of the U.S. securities markets.1 The...more
Independent schools often contract with vendors to support the school's operations and delivery of its curriculum and programming, including transportation providers, food service, cleaning and facilities maintenance,...more
CEP Magazine (October 2022) - A recent case reminded me of how easy it is to use shell companies to perpetrate fraud. A former associate general counsel who handled allegations of employee misconduct for a company created...more
Editor’s Note: On September 21, 2022, Business Intelligence Associates (BIA), a recently acquired HaystackID company, shared an educational webcast on the role of eDiscovery playbooks in litigation preparedness. Regardless of...more
Hackers have increasingly focused on third-party vendors as avenues to data held by associated businesses. On August 25, 2022, DoorDash announced that it had experienced a data breach which impacted the personal...more
The California Privacy Protection Agency (CPPA or Agency) published 66 pages of proposed draft regulations (Draft Regulations) that govern the California Privacy Rights Act (CPRA) as a special treat on Friday, May 27 for some...more
I’ve written several times during the past year about the importance of information security for legal professionals. Mitigating the threat of unauthorized access to client confidential information is one of the most...more
The task of conducting due diligence in the selection of technology vendors is a critical component of the lawyer’s ethical obligation to maintain reasonable security over client confidential information. However, for several...more
The CFPB updated its Supervision and Examination Manual by adding a new section titled Compliance Management Review – Information Technology. The new examination procedures are meant to assist CFPB examiners when assessing...more
Data breaches by large companies have been in the news for some time. Over the last several years several companies, including Marriott, Yahoo and Volkswagon, have been victimized by hackers who have broken into a company’s...more
We recently dove into what vendor risk and vendor risk management entails. Once you understand that this is the risk that results from vendors, it’s simple to extend this and establish that vendor risk assessment (VRA), or...more