Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
Episode 365 -- Four Sanctions Cases Everyone Should Know
The Privacy Insider Podcast Episode 12: Compliance Is Good Business: Getting Beyond Fines with Tom Fox of Compliance Podcast Network
Bar Exam Toolbox Podcast Episode 296: Listen and Learn -- Third-Party Rights in Contracts (Part 1 - Rules)
Corporate Use of Third-Party Artificial Intelligence (AI) Tools
One Month to More Effective Written Standards: Day 17 – Policies for Third-Parties
Third Party Observation in Patent Prosecution in China
Consumer Finance Monitor Podcast Episode: Recent Federal and State Debt Collection Developments
Thobekile Cynthia Khumalo on Third Party Due Diligence
Protecting Trade Secrets When Facing Lawsuits or Alternative Dispute Resolution Procedures
Education Data Privacy and Security Laws: Best Practices for School Districts
Episode 162 -- Jessica Sanderson on How to Conduct a Remote Third Party Audit
VIDEO: Update on Third Party Workers’ Compensation Settlements in Pennsylvania
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
Subro Sense Podcast - Unpacking Product Claims Against Amazon
Business Succession Planning: Strategies for the Transition
E17: Carpenter Decision Builds Up Privacy from #SCOTUS
Day 17 of One Month to More Effective Continuous Improvement-Financial Health Monitoring
Day 6 of One Month to More Effective Continuous Improvement-Data Analytics and the Monitoring of Third Parties
FCPA COMPLIANCE REPORT-EPISODE 337, JAMES GELLERT ON ASSESSING 3RD PARTY FINANCIAL HEALTH FOR COMPLIANCE
Two recent decisions from the Northern District of California—Shah v. Capital One Financial Corp., No. 24-cv-05985-TLT, 2025 WL 714252 (N.D. Cal. Mar. 3, 2025), and M.G. v. Therapymatch, Inc., No. 23-cv-04422-AMO, 2024 WL...more
There are many factors to consider when assisting clients with assessing the use of artificial intelligence (AI) tools in an organization and developing and implementing an AI Governance Program. Although adopting an AI...more
Ensure your vendors are crisis-ready by recognizing these key indicators of weak continuity planning. The interconnected nature of modern business means that your vendors’ operational resilience can, and frequently does,...more
Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more
In light of recent cyberattacks targeting the federal government and United States supply chains, President Biden’s administration has released an Executive Order (the “Order”) in an attempt to modernize and enhance the...more
In all our work with clients, my evaluation and expectations around compliance readiness come down to one point: Governance. This can mean a variety of things when it comes to a compliance program, but overall, we boil it...more
Oversight of data-related risks: From data governance to GenAI and cybersecurity While data governance has been a priority for companies for some time, the explosive growth in the use of generative artificial intelligence...more
The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more
In July, the Innovation, Cybersecurity and Technology Committee of the National Association of Insurance Commissioners (NAIC) released an exposure draft of its model bulletin titled “Use of Algorithms, Predictive Models, and...more
As we previously discussed, earlier this year the National Institute of Standards and Technology (NIST) launched the Trustworthy and Responsible AI Resource Center. Included in the AI Resource Center is NIST’s AI Risk...more
This year’s news has been full of stories about “generative” artificial intelligence (AI) applications. Generative AI tools create code, text, images, and other content in response to text prompts, queries, and other inputs....more
Health care providers should evaluate their use of “tracking technologies” on their websites and mobile applications (apps) for compliance with HIPAA. On December 1, 2022, the Office for Civil Rights (OCR) issued a bulletin...more
In a December 2022 bulletin published by the Office for Civil Rights at the U.S. Department of Health and Human Services (HHS), HHS made clear that the use of third-party tracking technologies by covered entities and business...more
This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as...more
This blog is the second in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as...more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) recently issued a warning regarding vulnerabilities in third-party applications used by entities covered by HIPAA. The OCR warning applies...more
On September 15, 2015, OCIE issued a risk alert relating to its new cybersecurity examination initiative. This is the second round of these examinations, and the alert provides a detailed look at OCIE’s current areas of...more
Companies are reminded of the need for strong internal controls. The US Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) recently filed civil and criminal actions in the largest hacking and...more