Regulatory vs. Business Compliance
Fintech Focus Podcast | Navigating IT and Security Risks in Fintechs in Light of Impending DORA Deadline
On-Demand Webinar: Bring Predictability to the Spiraling Cost of Cyber Incident Response Data Mining
Episode 347 -- LRN's Code of Conduct Survey
Workplace Investigation Protocols: One-on-One with Greg Keating
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Harnessing Generative AI: Innovations and Best Practices — The Good Bot Podcast
Innovation in Compliance: Navigating Risk Management in the Automotive Industry with Tom Kline
Effective Compliance Training
Compliance Tip of the Day: Board Questions and Metrics for 3rd Party Risk Management
AI Washing: Simple Guidance to Avoid Risk
Webinar ¦ Benefits of Using AI in Construction
The Future of AI Regulation and Legislation: 5 Key Takeaways
Episode 342 -- How to Conduct an Internal Compliance Site Visit and Review
Why Privacy is Your Secret Weapon Against Third-Party Risk
Due Diligence in AI: 3 things you need to survive AI scrutiny
Enhancing Compliance: The Power of Independent Monitorships in Consumer Protection — Regulatory Oversight Podcast
Investigations and Cognitive Interviews
Consumer Finance Monitor Podcast Episode: Regulators Escalate Focus on the Risks of Bank Relationships with Fintechs and Other Third Parties
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
The Digital Operational Resilience Act (DORA) establishes a harmonised and comprehensive framework for information and communication technology (ICT) risk management in the financial sector. It is a directly applicable EU...more
BCLP recently hosted a seminar on AI in HR. In this thought-provoking session, we considered how AI is used in HR and its regulation in the EU and the UK, and then engaged in some discussions around two theoretical scenarios....more
The Office of the Australian Information Commissioner (OAIC) has published AI guidance articulating how Australian privacy law applies to AI and the OAIC’s overall expectations on AI governance and privacy safeguards for...more
This series of blogs rounds up some of the key data protection regulatory trends we have seen during 2024, focused on the EU and UK. 2024 has seen behavioural advertising and cookies continue to dominate the agenda of data...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
Last year, the UK Department of Digital, Culture, Media and Sport (DCMS) published its 10- year National AI Strategy for the regulation and promotion of artificial intelligence (AI) in the UK (Report). DCMS seeks to build...more
Colorado Attorney General Seeks Rulemaking Comments for the Colorado Privacy Act - With the Notice of Proposed Rulemaking set for fall 2022, Colorado’s Attorney General office is currently inviting preliminary comments for...more
United States - Regulatory—Policy, Best Practices, and Standard - NIST Unveils Draft Guidance to Protect Critical Infrastructure - On October 22, 2020, the National Institute of Standards and Technology ("NIST")...more
On February 19, 2020, the Information Commissioner’s Office (ICO), the data protection regulator in the United Kingdom, launched a consultation on its draft guidance on the artificial intelligence (AI) auditing framework. ...more
We are now over a year on from the major changes made to the European data protection regime by the GDPR so it is time to revisit what the changes mean now for the hospitality sector and investment in it, given increased...more
The British privacy protection agency (the Information Commissioner’s Office, or ICO) recently announced its intention to impose on international hotels chain Marriott a fine of about GBP 99 million for violating the GDPR,...more
Following in the footsteps of the CNIL and the ICO, the Berlin DPA will impose a multimillion-euro fine for breach of the GDPR. The Berlin Data Protection Authority (Berlin DPA) recently announced that it will issue a...more
Ready for the Inevitable? Barely a day goes by without a data breach hitting the headlines. It is becoming a fact of life for any firm holding data that, from time to time, some of that data might be lost, stolen,...more
The EU’s General Data Protection Regulation (GDPR), which went into effect in May 2018, requires companies to implement appropriate security measures when handling personal data....more
Focus on four areas to mitigate the danger of data transfer across borders - Cross-border data transfers are not only frequent, but often crucial components of everyday business. Today’s patterns of global data flow would...more
Last week, the UK’s Information Commissioner’s Office (ICO) published a monetary penalty notice which fined a private healthcare company, HCA International, £200,000 for its failure to keep sensitive data secure....more