The Privacy Insider Podcast Ep. 7: David, Goliath, and Data Privacy Part II: Max Schrems
When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more
In today’s digital landscape, organizations face numerous cybersecurity threats that can compromise their valuable digital assets, including their data, IT infrastructure, networks, software, and intellectual property (IP)....more
It’s no secret that compliance is a huge part of a corporate lawyer’s job. Whether it’s internal or external compliance, there’s a lot that needs to be done to keep a business operating smoothly and on the right side of the...more
Many supervisory authorities across Europe have reported increasing numbers of data breach notifications since the introduction of GDPR. While most companies are now familiar with the 72-hour reporting obligation for...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
On January 27, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) announced its most recent Cybersecurity and Resiliency Observations. This report highlights specific practices that have been, and can be...more
Our Regional Compliance Conferences provide attendees with a forum to interact with local compliance professionals, share information about your compliance successes and challenges, and create educational opportunities for...more
We previously reported that Cottage Health, a health care entity operating several hospitals in California, settled with the State of California for $2 million for a security incident that occurred in 2013. On February 7,...more
• The NFA has determined that registered CPOs must implement an internal controls system and highlighted best practices for such a framework. • In response to certain frequently asked questions, the NFA has also updated its...more
When it comes to digital threats, universities must protect not only a broad and deeply layered infrastructure, but also vast populations of students. In this episode, Elisa D’Amico and Desiree Moore outline their top five...more
On August 7, 2017, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) released a summary of its observations (the report) from cybersecurity examinations of 75...more
These days cybersecurity seems to be all about technology. Pen testing, firewalls, port scanning, SIEM, zero-day, IPS, AES256, SHA, DMZ, NIDS, TLS, SS7 – I’ll stop. I could go on, but you get the idea. And I have a vested...more
Five social media law issues to discuss with your clients - The explosive growth of social media has clients facing legal questions that didn’t even exist a few short years ago. Helping your clients navigate this...more
WISP is the acronym for Written Information Security Policy. The information at issue is an individual’s personal information and identifiers, such as a Social Security number, driver’s license number, credit or debit card...more
The title, of course, begs the question: does your business even have an Information Governance Program? If not, you should get one—quick. An integrated Information Governance Program is considered a “best practice” to...more