Compliance, Definition and State law

The SEC Adopts Significant Cybersecurity Amendments to Reg S-P

Debevoise Data Blog

MAY 17, 2024

Firms will have either 18 or 24 months (depending on size) from the date of publication in the Federal Register to come into compliance. We discuss Reg S-P’s new and expanded requirements, as well as considerations for compliance, below. A comparison of Amended Reg S-P to the Proposed Amendments is available here. 17 CFR § 248.30(a)(3).

e-records

e-records Compliance e-filing Due diligence

Virginia Enacts Direct-to-Consumer Genetic Privacy Law as Numerous Other States Introduce Similar Bills

Inside Privacy

MARCH 31, 2023

These laws also contain exemptions related to clinical research and for PHI collected by a covered entity or business associate subject to HIPAA, and similarly exempt deidentified data, though we note the scope of each state laws’ exemptions are not identical.

Law

Law Law Compliance State law

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

This would seem to eliminate not just the possibility of compliance-by-signage but also the possibility of online consent. This approach can be a hard sell for lawyers talking to their business-side clients, for whom being a compliance volunteer is rarely popular. Compliance. Has the company obtained those individuals’ consent?

Compliance

Compliance Federal law Data protection Machine learning

Webinars

The New Way of Conducting Patent Research: Proven Strategies For Efficient Due Diligence

AI for Paralegals: Everything You Need to Know (and How to Use It Safely)

The Tech-Savvy Paralegals Playbook: How To Leverage AI

Uncovering The Hidden Connections: A Patent Family Survival Guide

MORE WEBINARS

Connecticut’s Next Generation Data Privacy Law

Debevoise Data Blog

MAY 23, 2022

Here, we highlight key aspects of the CTPA with a focus on the provisions that companies should consider in their compliance preparations. We also provide an overview of the CTPA’s enforcement mechanisms and explain how the CTPA modifies prior laws’ safe harbor with a nod towards prosecutorial discretion. CTPA § 1(26). CTPA § 1(6).

Law

Law Law Compliance Attorney

Utah Joins the Comprehensive State Privacy Law Club

Debevoise Data Blog

APRIL 29, 2022

Bottom Line : While the narrower scope of consumer rights under the UCPA may ease compliance burdens, companies will need to determine whether they will be able to take a standardized approach for offering consumer rights under the UCPA and State Privacy Laws, or whether they will need to address rights on a state-by-state basis.

Law

Law Law Data protection Attorney

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

Illinois’ Biometric Information Privacy Act (“BIPA”) excludes both “digital photographs” and “information derived from” photographs from the definition of “biometric information.” State Laws Permitting but Regulating Collection and Use of Biometric Identifiers, including Facial Data.

Law

Law Law Court Time-tracking

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

3 Geeks and a Law Blog

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. So I definitely think data. Not all, I believe only one or two state laws in the US require it.

Law firm

Law firm Time-tracking Due diligence Attorney

Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

3 Geeks and a Law Blog

SEPTEMBER 5, 2023

So there’s corporate and IP and employment and all of that, and our own internal privacy compliance as well. So that’s definitely a, you know, the automation is definitely something that helps uncover, you know, the, the not just the good data that’s out there. So it definitely has impact cross functionally as well.

Time-tracking

Time-tracking Hearing Compliance e-filing

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Legal Tech Monitor

JULY 11, 2023

He announces SessionGuardian will offer free CLE courses on cybersecurity awareness and compliance. Firms should look beyond check-the-box compliance to make privacy and security central in their culture. So I definitely think data. Not all, I believe only one or two state laws in the US require it.

Law firm

Law firm Time-tracking Due diligence Attorney

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

Debevoise Data Blog

DECEMBER 1, 2021

Information Privacy Law. Addressing the medical privacy essentials: HIPPA and the new challenges posed by the rise of telemedicine, especially during the Covid-19 pandemic, this chapter closely examines medical privacy and it contains helpful practice notes pertaining to HIPPA’s intricate definitions and requirements.

Law

Law Law Data protection Litigator

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

Even if not enacted, its provisions are likely to influence a future federal privacy law. And, in many ways, the ADPPA may set a new minimum standard that will shape any state laws passed to fill the void left by the lack of a federal privacy law. We’ve previously written about the development of U.S. ADPPA § 2(9).

State law

State law Federal law Compliance Data protection

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Debevoise Data Blog

JULY 9, 2021

Colorado has just adopted a brand-new data privacy law and Nevada has just significantly amended its law. These changes add rights for consumers, and compliance obligations for businesses, that take the U.S. further in the direction of European-style privacy law.

Data protection

Data protection Compliance Attorney State law

Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

Legal Tech Monitor

SEPTEMBER 4, 2023

So there’s corporate and IP and employment and all of that, and our own internal privacy compliance as well. So that’s definitely a, you know, the automation is definitely something that helps uncover, you know, the, the not just the good data that’s out there. So it definitely has impact cross functionally as well.

Time-tracking

Time-tracking Hearing Compliance e-filing

Recently Enacted AI Law in Colorado: Yet Another Reason to Implement an AI Governance Program

Debevoise Data Blog

JUNE 11, 2024

state law developments all reinforce the incentives for companies to adopt AI governance programs. Create a roadmap for compliance. The Law includes a list of technologies that are expressly excluded from the definition of high-risk AI systems, including, e.g., calculators, databases, spreadsheets, and databases.

Law

Law Law Compliance Attorney

European Data Protection Roundup – November 2023

Debevoise Data Blog

DECEMBER 22, 2023

The intersection between GDPR compliance and AI has been the subject of detailed analysis in a previous blog post. Following concerns that ambiguities in the definitions gave rise to a risk of circumvention, the Guidelines clarified that: “Information” includes both non-personal and personal data, regardless of how it was stored and by whom.

Data protection

Data protection Time-tracking Compliance Machine learning

Treasury’s Post-2024 RFI Report on AI in Financial Services – Uses, Opportunities, and Risks

Debevoise Data Blog

JANUARY 23, 2025

For internal uses, respondents emphasized the growing role of AI in compliance, risk management, and operations, with generative AI in particular enhancing tasks like report creation, data analysis, and detecting anomalies in anti-money laundering and sanctions compliance. Inconsistent State Laws.

Compliance

Compliance Intellectual Property Due diligence e-records

The Rise of “Post-Truth” Litigation: ALM’s Isha Marathe on How Deep Fakes Threaten the Legal System (TGIR Ep. 209)

3 Geeks and a Law Blog

JUNE 28, 2023

But I believe there are regulations coming out of Texas, Washington, and California, the California law might actually have sunsetted, earlier this year, but there are state laws coming up, kind of like data privacy regulations, which we often call a patchwork, because they’re slightly conflicting.

Litigator

Litigator Litigation Court e-discovery

The Rise of “Post-Truth” Litigation: ALM’s Isha Marathe on How Deep Fakes Threaten the Legal System (TGIR Ep. 209)

Legal Tech Monitor

JUNE 28, 2023

But I believe there are regulations coming out of Texas, Washington, and California, the California law might actually have sunsetted, earlier this year, but there are state laws coming up, kind of like data privacy regulations, which we often call a patchwork, because they’re slightly conflicting.

Litigator

Litigator Litigation Judge Court

Legal Tech Connection

The SEC Adopts Significant Cybersecurity Amendments to Reg S-P

Virginia Enacts Direct-to-Consumer Genetic Privacy Law as Numerous Other States Introduce Similar Bills

Webinars

Trending Sources

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Webinars

Connecticut’s Next Generation Data Privacy Law

Utah Joins the Comprehensive State Privacy Law Club

Face Forward: Strategies for Complying with Facial Recognition Laws

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

Debevoise Authors 2022 Edition of the PLI Privacy Law Answer Book

What the ADPPA Means for U.S. Data Regulation

New Privacy Legislation in the U.S.: The Patchwork Problem Grows

Observing the Black Box: Transcend’s Brandon Wiebe’s Insights into Governing Emerging AI Systems (TGIR Ep. 218)

Recently Enacted AI Law in Colorado: Yet Another Reason to Implement an AI Governance Program

European Data Protection Roundup – November 2023

Treasury’s Post-2024 RFI Report on AI in Financial Services – Uses, Opportunities, and Risks

The Rise of “Post-Truth” Litigation: ALM’s Isha Marathe on How Deep Fakes Threaten the Legal System (TGIR Ep. 209)

The Rise of “Post-Truth” Litigation: ALM’s Isha Marathe on How Deep Fakes Threaten the Legal System (TGIR Ep. 209)

Stay Connected