Why Privacy is Your Secret Weapon Against Third-Party Risk
Due Diligence in AI: 3 things you need to survive AI scrutiny
Enhancing Compliance: The Power of Independent Monitorships in Consumer Protection — Regulatory Oversight Podcast
Investigations and Cognitive Interviews
Consumer Finance Monitor Podcast Episode: Regulators Escalate Focus on the Risks of Bank Relationships with Fintechs and Other Third Parties
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
AGG Talks: Women in Tech Law Podcast - Episode 4: Preparing for a Transaction? What Emerging Growth Companies Need to Know
Meeting the Needs of General Counsel: Beyond the Basics of Legal Advice - On Record PR
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Why Time Matters: Partners Lindsay Gerdes and Michael J. Bronson on Swift Action in Government Investigations
Consumer Finance Monitor Podcast Episode: Why do Fintechs Want to Become Banks?
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Episode 331- NAVEX State of Risk and Compliance Programs
What the Board Should Be Asking About the Compliance Program
Video: Artificial Intelligence Use in Political Campaigns
Episode 329 -- Bryn Sedlacek from Aravo on TPRM Holistic Risks and Unified Visibility
Compliance Lessons from Dating in Your 50s
The Justice Insiders Podcast - AI-Washing: Everything Old Is New Again
Elevate your resilience in the new year by understanding top GRC trends, patterns, and best practices across AI, TPRM, cyber risk, and more. As we step into 2024, technological advancements and an increasingly connected —...more
Learning Objectives - Data privacy compliance requires the use of privacy impact assessments and data transfer assessments - What about the value of other assessments like privacy by design, online safety, AI risk,...more
Explore the unique issues that are pertinent to managed care professionals! This annual event dedicated to compliance management for health plan providers is returning to an in-person format for 2024. Join your peers and...more
In our last newsletter, we discussed due diligence as it relates to selection of vendors. The second part of that exercise is to negotiate your agreement with the vendor to properly manage any risks you identified. In this...more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
By now, you have heard many news stories about debilitating cyberattacks that started with the compromise of a vendor's systems and ultimately wreaked havoc on that vendor's customers. As a result, many businesses are seeking...more
Security Schedules, Privacy Addenda, TOMs, DPAs—whatever you call them, privacy and cybersecurity contract terms have exploded in prevalence in recent years, bringing with them new importance that can lead to difficult and...more
Exclusive roadmap reveals, immersive Q&A with top product & industry experts, live product demos, electrifying presentations, co-innovation opportunities, and so much more— all coming to you live from the heart of Nashville,...more
In this fourth installment of five articles centered around the core functions within the National Institute of Standards and Technology (NIST) Privacy Framework, we cover the Communicate function and the corresponding...more
Organizations are becoming increasingly reliant on external parties to manage parts of their business, including their critical and sensitive data. While the specialized expertise and economies of scale that third parties and...more
The transformation to a work from home/work from anywhere model has become the new normal and even after the pandemic ends, many expect that model to continue. This accelerated transition has forced companies to embrace...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
Our Virtual Regional Healthcare Compliance Conferences provide updates on the latest news in regulatory requirement, compliance enforcement, and strategies to develop effective compliance programs. Watch, listen, and ask...more
In today’s connected world, businesses face constant pressure to improve their cybersecurity practices and to confirm that they are meeting industry standards. To continue helping businesses achieve those goals, the SEC...more
On January 27, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) announced its most recent Cybersecurity and Resiliency Observations. This report highlights specific practices that have been, and can be...more
Supply chains are emerging as an increasingly complex risk area for compliance. The risk includes trade compliance, vendor management issues associated with cyber/privacy, product compliance, REACH, ROHS and California...more
The Internet of Things (IoT) products have become a way of life. There are huge benefits of “smart” products, which interact through the internet to gather and exchange data to provide additional functions, security, and easy...more
Connected devices, or what is referred to as the “consumer internet of things” is big business right now. Consumers want to “talk” to their devices throughout their home wherever they are, and some organizations’ business...more
Fraud presents a constant threat to companies around the globe—and that risk is growing as perpetrators become ever more digitally savvy and creative in their criminal activities. K2 Intelligence has conducted a multitude of...more
A new Ponemon study emphasizes the risk of third party vendors which have access to company data. According to the survey “Data Risk in the Third Party Ecosystem,” companies are concerned about their third party vendors, but...more