Navigating Emerging Privacy Issues in Financial Services — The Consumer Finance Podcast
The Privacy Insider Podcast Episode 4: Don't Be Evil: In the Hot Seat of Data Privacy, Part 1
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Preventative Medicine: Health Care AI Privacy and Cybersecurity — The Good Bot Podcast
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
[Webinar] AI and Data Privacy: Minimizing Risk and Maximizing Opportunity
Work This Way: A Labor & Employment Law Podcast | Episode 14: How Employers Can Navigate Cybersecurity Issues with Brandon Robinson, Maynard Nexsen Attorney
Uncovering Hidden Risks: Ep 13 - Unveil Data Security Paradoxes
Navigating the Digital Frontier: Employee Privacy Rights and Legal Obligations in the Modern Workplace
The USPTO issued guidance on February 6, 2024 that clarified existing rules and policies and discussed how to apply them when AI is used in the drafting of submissions to the Patent Trial and Appeal Board (PTAB) and Trademark...more
In response to the number of successful, large-scale ransomware attacks affecting healthcare organizations nearly tripling since 2018, the Department of Health and Human Services (HHS) has released guidance outlining its...more
On December 12, 2023, the Department of Justice (“DOJ”) issued guidance related to the process by which companies may request the United States Attorney General authorize delays of cyber incident disclosures, pursuant to a...more
October has been a busy month for the OCR, which is tasked with enforcing the regulations issued under HIPAA. In the past week, the OCR released two new guidance documents aimed at reducing the privacy and security risks...more
The UK National Cyber Security Centre (NCSC) published its guidance on shadow IT on 27 July 2023. ‘Shadow IT’ are unknown assets that are used within an organisation for business purposes (including in certain cloud...more
The Securities and Exchange Commission (SEC) finalized cybersecurity rules this week for public companies centered on disclosure requirements for material cybersecurity incidents, as well as periodic reporting regarding...more
On March 8, the Department of Health and Human Services (HHS) released a cybersecurity implementation guide to assist public and private health care sectors prevent cybersecurity incidents. The Cybersecurity Framework...more
Today, after months of rumors regarding its release and contents, the White House issued its National Cybersecurity Strategy “to secure the full benefits of a safe and secure digital ecosystem.” The full strategy is 39 pages...more
The Cybersecurity Administration of China (the "CAC") has published guidelines concerning outbound data transfers of personal information and "important data" from China to other jurisdictions. Businesses must comply with...more
Under the PRC Cybersecurity Law, PRC Personal Information Protection Law and PRC Data Security Law, certain organisations (as well as individuals) are now required to conduct a security assessment of outbound transfers of...more
The new guidelines provide insight into how businesses can submit applications to the CAC in order to obtain approval via the CAC security assessment cross-border data transfer requirement. As of September 2022, all...more
NIST recently released several key deliverables relating to cybersecurity. These focus on secure software development and new consumer labeling programs as contemplated by President Biden’s Executive Order 14028, which seeks...more
While everyone hoped that 2021 would be less tumultuous than 2020, it certainly did not turn out that way in the end. The same was true in the world of data privacy – with sweeping new data protection regulations and guidance...more
On September 21, 2021, the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) published an updated sanctions advisory, providing guidance to companies on sanctions compliance obligations related to ransomware...more
In the wake of increased ransomware attacks over the course of the last several months, the US Department of Treasury’s Office of Foreign Assets Control (OFAC) has updated a guidance it released last year on potential...more
Key Takeaways: ..On August 13, 2021, FINRA issued Regulatory Notice 21-29 (“RN 21-29”) to remind member firms that they must establish and maintain an adequate supervisory system, including written supervisory procedures...more
On this episode of Williams Mullen's Benefits Companion, host Brydon DeWitt is joined by Beryl Ball, Principal Financial Advisor at CAPTRUST, who discusses recently released Department of Labor tips on cyber protection for...more
The Department of Labor recently issued cybersecurity guidance to retirement plans. The department’s Employee Benefits Security Administration (EBSA) issued guidance in three areas: (1) hiring and working with vendors and...more
”Not if, but when" is a phrase commonly used to describe data breach risk. Holding just under $11 trillion in assets, employer-sponsored retirement plans are a particularly enticing target for cybercriminals. Through audits...more
Earlier this month, the U.S. Department of Labor (the “DOL”) issued informal guidance outlining “best practices” for managing the cybersecurity risks facing employer-sponsored retirement plans. Although the DOL has...more
The Employee Benefits Security Administration of the United States Department of Labor (“EBSA”) recently published guidance regarding cybersecurity best practices for recordkeepers and service providers responsible for plan...more
A coalition of African nations have developed a data protection framework with the goal of centralizing data protection laws and the digital economy across Africa. Currently, five countries, including Nigeria, are testing the...more
On March 5, 2020, Gov. Phil Scott (VT-R) signed into law amendments to the Security Breach Notice Act (the “Act”). The amendments, which originated in the State Senate as part of an initiative addressing a number of data...more
More prevalent than ever before, Internet of Things (“IOT”) devices, a term that includes connected “smart” devices, such as internet connected TVs, wearables, smart speakers, such as the Amazon Echo and Google Home, are fast...more
Shook Weighs in on Updated CCPA Regulations - In response to extensive public comment, the California Attorney General’s office released modified draft regulations under the CCPA on February 7. Shook has provided initial...more