Why Privacy is Your Secret Weapon Against Third-Party Risk
Due Diligence in AI: 3 things you need to survive AI scrutiny
Enhancing Compliance: The Power of Independent Monitorships in Consumer Protection — Regulatory Oversight Podcast
Investigations and Cognitive Interviews
Consumer Finance Monitor Podcast Episode: Regulators Escalate Focus on the Risks of Bank Relationships with Fintechs and Other Third Parties
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
AGG Talks: Women in Tech Law Podcast - Episode 4: Preparing for a Transaction? What Emerging Growth Companies Need to Know
Meeting the Needs of General Counsel: Beyond the Basics of Legal Advice - On Record PR
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Why Time Matters: Partners Lindsay Gerdes and Michael J. Bronson on Swift Action in Government Investigations
Consumer Finance Monitor Podcast Episode: Why do Fintechs Want to Become Banks?
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Video: Artificial Intelligence Use in Political Campaigns
Episode 329 -- Bryn Sedlacek from Aravo on TPRM Holistic Risks and Unified Visibility
Compliance Lessons from Dating in Your 50s
The Justice Insiders Podcast - AI-Washing: Everything Old Is New Again
The federal government is the biggest purchaser in America and that extends to the SaaS space. On September 24, 2024, the Office of Management and Budget (OMB) released Memorandum M-24-18, offering updated guidelines for the...more
This article originally appeared in The Legal Technologist November/December 2023 Issue here. As individuals, we have the legal right to access personal data held by an organisation, and an increasing number of requests are...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
SEC Proposes and Seeks Comments on New Cybersecurity Rules - At an open meeting on February 9, 2022, the Securities and Exchange Commission (“SEC”) voted three-to-one to propose new and amended rules regarding cybersecurity...more
It’s no secret that compliance is a huge part of a corporate lawyer’s job. Whether it’s internal or external compliance, there’s a lot that needs to be done to keep a business operating smoothly and on the right side of the...more
The EU General Data Protection Regulation allows the temporary suspension of some data-protection rights in times of crisis, such as the outbreak of the 2019 Novel Coronavirus. This installment of The eData Guide to GDPR...more
With the recent spread of coronavirus (2019-nCoV), it is an important time to examine what information employers may share under HIPAA’s Privacy Rule during an outbreak of infectious disease or other emergency situation....more
The Singapore government has introduced additional control measures to minimize the risk of further transmission of the 2019 Novel Coronavirus in the community. Employers in Singapore must take proactive steps within the...more
Now that the sugar and the frivolity of the holiday season have worn off, let’s talk more about the different types of compliance management activities that will ensure your obligations are met, and some of the specific needs...more
A lot of attention is now being paid to the topic of data governance, and what it means versus data management. Within the last few years, data governance has leapt from an esoteric term bandied about only by IT...more
Why does this topic matter to organisations? Whereas the remedies and sanctions available to DPAs under the Directive were comparatively low (generally subject to a maximum of less than €1 million per infringement, with...more
When the European Union’s General Data Protection Regulation (GDPR) became effective on May 25, 2018, many US-based hospitals struggled to determine whether they were subject to the GDPR and, if so, what they must do to...more
“Getting to Data Nirvana” is our four-step approach to help you integrate your legal, regulatory and compliance work streams into your organisation’s overall data strategy. ...more
Whether you are ready or not, the European Union (EU) General Data Protection Regulation (GDPR) goes live today, May 25, 2018. It will impact companies doing business in the United Kingdom (UK) and the EU as much as any other...more
Although the GDPR comes into effect on May 25, 2018, the breadth of its reach will continue to develop long after its effective date. Domestic companies should be aware that the rules will likely change over time. While this...more
Today we are going to take a look at some of the basic policies and procedures that you need to have in place to comply with the new General Data Protection Regulation (GDPR) effective May 2018. I am joined in the exploration...more