Compliance, Federal law and Information

Maturing Compliance with the Bulk Sensitive Data Rule (Data Security Program) before the July 8, 2025 Safe Harbor Expires

Debevoise Data Blog

MAY 28, 2025

On April 11, 2025, shortly after the first effective date of the DSP the National Security Division (NSD) of DOJ issued asuite of three policy and guidance documents to facilitate compliance with the DSP, including a 90 day civil enforcement safe harbor for good-faith compliance. Intelligence Community.

Compliance

Compliance Due diligence Time-tracking Federal law

Unlikely Careers for Lawyers

Legal Talk Network

JUNE 27, 2024

However, whether you have recently graduated from law school or are considering a second career opportunity, there are many unique legal options available today. Understanding these different roles can help you make well-informed decisions about your future, opening up new and exciting opportunities outside the traditional legal framework.

Lawyer

Lawyer Defendant Prosecutor Judge

Privacy Law: Status of Legal Practice Area in 2025

Martindale-Avvo

APRIL 30, 2025

In 1974, a pair of laws protected student academic records and put guardrails on the federal governments collection and use of personal information. These few federal laws apply to only some kinds of information. In recent years, most of the advances in privacy law have happened at the state level.

Law

Law Law Federal law Data protection

Webinars

Prep with Purpose: How to Build Better Trial Binders

MORE WEBINARS

CPPA Proposed Rulemaking Package Part 2 – Automated Decision-Making Technology

Debevoise Data Blog

FEBRUARY 13, 2025

The Draft Regulations define ADMT as any technology that processes personal information and uses computation to execute a decision, replace human decisionmaking, or substantially facilitate human decisionmaking. This includes using biometric information, vocal intonation, facial expression, and gesture ( g. ,

Compliance

Compliance Machine learning Federal law International law

A Guide to 5 Key Data Compliance Regulations for Legal Teams

MatterSuite

DECEMBER 12, 2024

In today’s world, industries rely heavily on data to inform decisions and drive innovation. But with the increase of business information in layers, comes the challenge of protecting personal and sensitive information, too. What is Data Compliance? Why is Data Compliance Important?

Compliance

Compliance Data protection Failure-to-appear Time-tracking

Staying Compliant in U.S. Investigations: How to Protect Privacy Without Losing Momentum

Lineal Services

APRIL 11, 2025

For global organizations and international law firms, conducting internal investigations that involve U.S. privacy compliance depends on navigating a maze of federal statutes, state-level laws, and industry-specific regulations. This is where having a regionally informed, legally grounded approach becomes essential.

Compliance

Compliance Time-tracking Federal law International law

Pandemic-Related Legal Ethics Opinions: A Compendium

LawSites

SEPTEMBER 23, 2021

This practice may include the law of their licensing jurisdiction or other law as permitted by ABA Model Rule 5.5(c) c) or (d), including, for instance, temporary practice involving other states’ or federal laws. Florida Advisory Opinion FAO #2019-4 (May 20, 2021). Issues addressed: Working out of state.

Intellectual Property

Intellectual Property Court Attorney Lawyer

FTC and HHS Announce Updated Health Privacy Publication

Inside Privacy

SEPTEMBER 25, 2023

Department of Health and Human Services (“HHS”) announced an updated joint publication describing the privacy and security laws and rules that impact consumer health data. Specifically, the “ Collecting, Using, or Sharing Consumer Health Information? HIPAA: The guidance reminds businesses that HIPAA applies to covered entities (i.e.,

Compliance

Compliance Federal law Law Law

New Requirements for Localisation of Major Internet Companies in Russia

Debevoise Data Blog

AUGUST 19, 2021

On 1 July 2021, [1] Federal Law No. 236-FZ on the Internet Activities of Foreign Entities in the Russian Federation (the “Law”) [2] came into force, requiring establishment of local presence, such as a branch, a representative office, or a subsidiary, for foreign Internet companies whose activities are focused on Russian users.

Federal law

Federal law Court Compliance Software

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Clio

JANUARY 30, 2024

Law firm data security should be a top priority for any practice, and here’s why: Clients trust you with their most confidential information. Since clients entrust lawyers with so much of their sensitive data, law firms make prime targets for cybercrime. To hackers and criminals, law firms are remarkably interesting.

Law firm

Law firm Law Law Due diligence

CJEU rules on DPO conflicts of interest under the GDPR

Technology Law Dispatch

FEBRUARY 22, 2023

At the request of the state officer for data protection and freedom of information of Thüringen, X-FAB and its group companies dismissed FC as DPO with immediate effect. The independence of the DPO must be preserved so that a proper review of the compliance of those objectives and methods in light of the GDPR and EU law.

Data protection

Data protection Court Compliance Federal law

Preparing for AI Whistleblowers

Debevoise Data Blog

APRIL 24, 2024

1] In March, the DOJ announced a new pilot whistleblower rewards program that reaffirmed its focus on AI, stating that prosecutors would integrate AI assessments into evaluations of corporate compliance programs and would seek “stiffer sentences” for AI misuse. [2] DOJ Whistleblower Program On March 7, 2024, Deputy Attorney General Lisa O.

e-records

e-records Federal law Prosecutor Compliance

Southwest’s Technology Troubles Accelerate DOT Action?

The North Carolina Journey of Law and Technology

JANUARY 26, 2023

However, federal law requires airlines to reimburse passengers for canceled or, in some situations, “significantly delayed” flights. In early January, the DOT issued a notice to “reaffirm its commitment to vigorously enforce the law to protect aviation consumers.” Department of Transportation (“DOT”) make things “right?”

Federal law

Federal law Software Compliance Hearing

Are Electronic Signatures Legally Binding? What Lawyers Should Know

Rocket Matter

AUGUST 22, 2024

Let’s discuss the legality of eSignatures, their enforceability, and how lawyers can leverage them effectively within their practice while maintaining compliance. The Advantages of eSignatures for Law Firms The legal validity of eSignatures is crucial and their benefits extend far beyond simply replacing wet signatures.

Lawyer

Lawyer e-records Law firm Compliance

How to Make Sure Your Law Firm's Website is ADA Compliant

Centerbase

NOVEMBER 29, 2022

Ensuring that your law firm’s website is ADA compliant is another way to show that you care. In this blog, we’ll cover the basics of the ADA and ADA compliance. We’ll also dive into how to make your law firm website accessible and why, above all, accessibility matters and should be strived for. What is ADA compliance?

Law firm

Law firm Lawsuit Law Law

Washington’s Novel Health Data Law: An In-Depth Look

Debevoise Data Blog

AUGUST 2, 2023

Although states continue to pass comprehensive privacy laws in 2023, Washington’s My Health My Data Act (“MHMDA”) deserves closer attention due to its breadth as well as its novel—and potentially onerous—provisions. The MHMDA does not apply to deidentified data that cannot be linked back to a consumer nor publicly available information.

Law

Law Law e-records Time-tracking

A Closer Look at 2023 U.S. State Privacy Law Activity: Washington State

Debevoise Data Blog

AUGUST 2, 2023

Although states continue to pass comprehensive privacy laws in 2023, Washington’s My Health My Data Act (“MHMDA”) deserves closer attention due to its breadth as well as its novel—and potentially onerous—provisions. The MHMDA does not apply to deidentified data that cannot be linked back to a consumer nor publicly available information.

Law

Law Law e-records Time-tracking

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

These laws do not target facial recognition in particular but regulate the use of biometric information (which includes many forms of facial data) among the many types of personal data that they cover. The law contains two main requirements. Jurisdictions vary on whether photographs are covered as a form of biometric data.

Law

Law Law Court Time-tracking

Are Electronic Signatures Legal?

Clio

MARCH 14, 2024

ESIGN, UETA, and laws governing e-signatures in the US In the US, there are two primary laws governing electronic signatures: The Electronic Signature in Global and National Commerce (ESIGN) Act is a federal law that serves to create a US standard for electronic signatures. The ESIGN Act applies nationwide.

e-records

e-records e-filing Client Intake Court

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

Federal and State Legislation There is currently no federal law that specifically regulates biometric privacy. Among other proposed federal legislation, the National Biometric Information Privacy Act of 2020 died in Congress last year. No comprehensive and preemptive federal law seems likely to pass anytime soon.

Compliance

Compliance Federal law Data protection Machine learning

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

Covered data” includes information that identifies or is linked or reasonably linkable to (1) an individual or (2) a device that identifies an individual. Both data derived from information about an individual or device and technologically created identifiers, like IP addresses and customer numbers, could be covered data. ADPPA § 2(8).

State law

State law Federal law Compliance Data protection

New Cyber Incident Reporting Coming for Critical Infrastructure: Five Key Takeaways

Debevoise Data Blog

MARCH 16, 2022

While the Act has many of the same themes as previously proposed cybersecurity reporting laws , it does not create substantive cybersecurity obligations outside of incident reporting, and does not provide CISA with the rulemaking authority to adopt and enforce such cybersecurity obligations. CISA Has its Own Reporting Obligations.

Due diligence

Due diligence Federal law Compliance Attorney

NYC’s AI Hiring Law Is Now Final and Effective July 5, 2023

Debevoise Data Blog

APRIL 12, 2023

In this Debevoise Data Blog post, we discuss the current state of the AEDT Law and highlight how the final changes impact employers’ compliance obligations. The Final Rules address many of the issues raised during the comment period but also increase the compliance burden for employers. Title 29, part 1602.7.”

Law

Law Law Compliance Machine learning

Biden Administration Acts to Limit Access to Sensitive Personal Data by Countries of Concern

Debevoise Data Blog

MARCH 5, 2024

Olsen of the DOJ’s National Security Division described the actions as addressing a “key gap in our national security authorities” that will be “a new and powerful enforcement tool to protect Americans and their most sensitive information from being exploited by our adversaries.” Compliance requirements. Sensitive personal data.

Compliance

Compliance e-records Federal law Court

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Debevoise Data Blog

JANUARY 16, 2025

1] The rule focuses on protecting critical datasets, including biometric identifiers, health records, genomic data, financial information and precise geolocation data, as outlined in the Government-Related Location Data List. [2] company and its foreign subsidiaries and transactions required by federal law or international agreements.

Compliance

Compliance Due diligence e-records Time-tracking

Legal Tech Connection

Maturing Compliance with the Bulk Sensitive Data Rule (Data Security Program) before the July 8, 2025 Safe Harbor Expires

Unlikely Careers for Lawyers

Webinars

Trending Sources

Privacy Law: Status of Legal Practice Area in 2025

Webinars

CPPA Proposed Rulemaking Package Part 2 – Automated Decision-Making Technology

A Guide to 5 Key Data Compliance Regulations for Legal Teams

Staying Compliant in U.S. Investigations: How to Protect Privacy Without Losing Momentum

Pandemic-Related Legal Ethics Opinions: A Compendium

FTC and HHS Announce Updated Health Privacy Publication

New Requirements for Localisation of Major Internet Companies in Russia

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

CJEU rules on DPO conflicts of interest under the GDPR

Preparing for AI Whistleblowers

Southwest’s Technology Troubles Accelerate DOT Action?

Are Electronic Signatures Legally Binding? What Lawyers Should Know

How to Make Sure Your Law Firm's Website is ADA Compliant

Washington’s Novel Health Data Law: An In-Depth Look

A Closer Look at 2023 U.S. State Privacy Law Activity: Washington State

Face Forward: Strategies for Complying with Facial Recognition Laws

Are Electronic Signatures Legal?

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

What the ADPPA Means for U.S. Data Regulation

New Cyber Incident Reporting Coming for Critical Infrastructure: Five Key Takeaways

NYC’s AI Hiring Law Is Now Final and Effective July 5, 2023

Biden Administration Acts to Limit Access to Sensitive Personal Data by Countries of Concern

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Stay Connected