Compliance, Due diligence and Information

Maturing Compliance with the Bulk Sensitive Data Rule (Data Security Program) before the July 8, 2025 Safe Harbor Expires

Debevoise Data Blog

MAY 28, 2025

On April 11, 2025, shortly after the first effective date of the DSP the National Security Division (NSD) of DOJ issued asuite of three policy and guidance documents to facilitate compliance with the DSP, including a 90 day civil enforcement safe harbor for good-faith compliance. Intelligence Community.

Compliance

Compliance Due diligence Time-tracking Federal law

GDPR Considerations When Developing and Deploying AI Models: The EDPB’s Opinion on Compliance

Debevoise Data Blog

APRIL 14, 2025

The Opinion provides high-level views and considerations for DPAs to apply when assessing GDPR compliance associated with developing or deploying AI models, and provides a helpful indication on the EDPBs thought trajectory. Undertaking due diligence on the AI model/system providers data protection compliance.

Compliance

Compliance Due diligence Data protection Defendant

Battle Royale: Alpha Modus Sues Walgreens for Patent Infringement

Brett Trout

FEBRUARY 4, 2025

This case underscores the importance of protecting intellectual property and of conducting intellectual property due diligence before launching new technology. Alpha Modus wrote to Walgreens in February of 2020 informing Walgreens of Alpha Modus patents, then wrote two more letters. Walgreens ignored all three letters.

Intellectual Property

Intellectual Property Due diligence Lawsuit Time-tracking

Webinars

No Objections: Better Case Management with AI for Paralegals

MORE WEBINARS

FTC’s Consent Order Against Marriott: Expectations for Reasonable Security

Debevoise Data Blog

JANUARY 30, 2025

With obligations extending 20 years, the Consent Order requires Marriott to, among other remedial steps, implement a comprehensive information security program (ISP) with prescribed security measures, the effectiveness of which will be subject to a third-party independent biennial assessment.

Due diligence

Due diligence Compliance Software Attorney

Why Your Legal Team Deserves Better Tools in 2025

MatterSuite

JUNE 4, 2025

Here’s why 2025 demands a tech upgrade and how MatterSuite provides the solutions: Outdated tools are equivalent to slow operations Many legal teams still rely on older generational software (or, worse, paper-heavy processes) for tasks like contract management, discovery, and compliance tracking. These tools also help avoid costly errors.

Legal tech

Legal tech Legal tech Time-tracking Due diligence

Everything You Should Know About AI Legal Tech

Percipient

JANUARY 20, 2025

This adaptability makes machine learning a key part of legal AI as it helps professionals make informed decisions faster while reducing the chance of oversight. Its also super handy for spotting legal risks early, especially in compliance, so you can deal with issues before they get out of hand.

Legal tech

Legal tech Legal tech Machine learning e-discovery

Part 2 – Helpful Guidance on Managing (Non-Cybersecurity) AI Risks from Hong Kong’s SFC

Debevoise Data Blog

NOVEMBER 21, 2024

Cross-Functional Approach: Senior management should ensure that responsible staff from the business, risk, compliance and technology functions can effectively manage the LC’s adoption and implementation of AI LMs by possessing the relevant competence in AI, data science, model risk management, and domain expertise.

Compliance

Compliance Due diligence Law Law

Top 7 Legal Contract Review Software Tools of 2025

Percipient

MARCH 18, 2025

Risk and compliance checks : It flags missing clauses, unfavorable terms, or non-compliance with legal standards, helping you avoid costly mistakes. Reduce the Risk of Costly Mistakes One missed clause can lead to financial losses, compliance issues, or even lawsuits. No pressure, right?

Software

Software Due diligence Machine learning e-discovery

Legal Operations Tools: What General Counsel Must Know Before Investing

MatterSuite

JUNE 2, 2025

Litigation vs. Compliance). The inability to rapidly assess legal risks and opportunities during due diligence puts a company at a significant disadvantage. It puts all contract information in one place, automates processes, and gives visibility into contractual commitments and risks.

Time-tracking

Time-tracking Due diligence e-filing Software

European Data Protection Roundup – January 2025

Debevoise Data Blog

FEBRUARY 28, 2025

The Italian DPA opened an investigation into DeepSeek for possible GDPR non-compliance associated with its AI chatbot services data collection and processing activities. UK ICO acts on cookie compliance. DeepSeek was given 20 days to provide the requested information.

Data protection

Data protection Compliance Due diligence Time-tracking

When AI Failures Could Be “Operations Events” Under Form PF

Debevoise Data Blog

JULY 13, 2025

billion in hedge fund RAUM trigger for becoming a “large hedge fund adviser” is retrospective, [1] a registered adviser that does not currently meet that AUM threshold should closely monitor its month-end AUM attributable to hedge funds to ensure compliance with critical operations reporting obligations for any “qualifying hedge fund.”

Due diligence

Due diligence Compliance Law Law

Helpful Guidance on Managing AI-Related Cybersecurity Risks from Hong Kong’s SFC

Debevoise Data Blog

NOVEMBER 18, 2024

Sensitive Inputs : LCs should have controls to assess and mitigate the risks of sensitive confidential information, such as personal data, being input by users or fed into AI LMs. Client Data : LCs should ensure that controls in relation to confidential client and business information remain effective throughout the model lifecycle.

Intellectual Property

Intellectual Property Due diligence Compliance Machine learning

Treasury’s Post-2024 RFI Report on AI in Financial Services – Uses, Opportunities, and Risks

Debevoise Data Blog

JANUARY 23, 2025

The Report summarizes key themes from comments from a variety of industry stakeholders (respondents) in response to Treasurys June 2024 Request for Information (RFI), and recommends several next steps for financial regulators, financial services firms, and government agencies more broadly for coordination purposes.

Compliance

Compliance Intellectual Property Due diligence e-records

Biden Administration Proposes to Limit Access to Sensitive Personal Data by Countries of Concern

Debevoise Data Blog

NOVEMBER 5, 2024

Unlike the Advance Notice, the Proposal considers how the rule’s restrictions on vendor agreements could impact the authority of the Department of Commerce’s Office of Information and Communications Technology and Services (“ OICTS ”). Comments are due on November 29. Compliance and diligence. Data mapping.

Compliance

Compliance Due diligence Law Law

Due Diligence Checklist: A Step-by-Step Guide

CaseFox

OCTOBER 10, 2023

The due diligence checklist is a comprehensive document that you can use to help you prepare for a potential deal. The due diligence checklist is also an essential part of any business transaction. The format of a due diligence checklist is basic. However, you can change it to fit various industries.

Due diligence

Due diligence Intellectual Property Litigation Litigator

Streamlining Procurement: How RFPs Benefit Corporate Legal Teams and Law Firms

MatterSuite

JUNE 19, 2023

Additionally, another important aspect of the procurement process is the Request for Information (RFI). An RFI serves as a preliminary step before issuing an RFP and plays a crucial role in gathering information and qualifying potential vendors or law firms. It helps gather information and evaluate service providers.

Law firm

Law firm Due diligence Compliance Law

Law Firm Data Security: A Comprehensive Guide

CaseFox

MAY 30, 2023

As custodians of sensitive client information, law firms must take proactive measures to safeguard data from cyber threats and ensure compliance with data protection regulations. Additionally, understanding regulatory compliance requirements, such as HIPAA and GDPR, ensures adherence to legal obligations and enhances data protection.

Law firm

Law firm Data protection Law Law

Can Lawyers Ethically Store and Transmit Client Info in the Cloud?

Attorney at Work

JUNE 4, 2022

We don’t want an ethics violation due to a data breach of our clients’ confidential information. So, let’s focus on two parts of your question: Do the Rules of Professional Conduct allow lawyers to store and transmit client information in the cloud? You just need to take reasonable due diligence to know it is secure.

Due diligence

Due diligence Lawyer Court Attorney

PCI Compliance for Law Firms: A Comprehensive Guide

MatterSuite

MAY 25, 2023

In today’s digital age, where financial transactions are increasingly conducted online, the security of payment card information is of paramount importance. This is particularly true for law firms that handle sensitive client data, including credit card information.

Compliance

Compliance Law firm Law Law

The UK Information Commissioner’s Data Protection Practioner’s Conference 2023 on Cybersecurity

Technology Law Dispatch

OCTOBER 26, 2023

On 3 October 2023, the UK Information Commissioner’s Office organised its annual Data Protection Practioner’s Conference 2023 (DPPC 2023). Any framework could be used as a baseline as long as the focus is on security as an outcome and not compliance. Here are the takeaways from the DPPC 2023 (the event sessions available here ).

Data protection

Data protection Due diligence Compliance Law

Introducing Harvey AI: Revolutionizing the Legal Field with Artificial Intelligence

Martindale-Avvo

MAY 25, 2023

Harvey AI’s Capabilities Harvey AI’s capabilities include: Contract analysis, Due diligence, Litigation, and regulatory compliance. While information on Harvey AI’s offerings is limited on their website, Open.AI Funding Received in December 2022 In December 2022, Open.AI unveiled the Open.AI

Due diligence

Due diligence Law firm Compliance Lawyer

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

3 Geeks and a Law Blog

JULY 11, 2023

Ellington realized the technology could provide secure access to sensitive information from anywhere. Leib notes SessionGuardian’s solution addresses risks beyond eDiscovery and source code review, including data breach response, M&A due diligence, and outsourced call centers.

Law firm

Law firm Time-tracking Due diligence Attorney

The Legal Ethics of Cloud Computing & SaaS

Percipient

NOVEMBER 24, 2021

In short, lawyers must observe their long-standing ethical obligation to preserve client confidence and conduct due diligence into any service or vendor used to store client information. Other states describe a lawyer’s duty when choosing SaaS and cloud computing services as one of “due diligence.”

Due diligence

Due diligence e-discovery e-filing Attorney

The SEC’s New Risk Alert Warns about the Use of Alternative Data

Debevoise Data Blog

MAY 1, 2022

On April 26, 2022, the Division of Examinations (“EXAMS”) of the Securities and Exchange Commission (the “SEC”) issued a Risk Alert titled “ Investment Adviser MNPI Compliance Issues ” (“Risk Alert”) on the use of alternative data.

Due diligence

Due diligence Failure-to-appear Compliance Law

Not Again! Two More Cases, Just this Week, of Hallucinated Citations in Court Filings Leading to Sanctions

LawSites

FEBRUARY 22, 2024

Appellant submitted the Appellate Brief in his name and certified its compliance with [the court’s rules] as a self-represented person. At a hearing on the motions to dismiss, the judge started out by informing plaintiff’s counsel of the fictitious cases he’d found and asking how they’d been included in the filings.

Court

Court e-filing Judge Hearing

The European Union’s Digital Services Act: In Force from This Saturday, February 17, 2024, Including for U.S. Intermediaries (Guest Blog Post)

Eric Goldman

FEBRUARY 15, 2024

The DSA sets EU-wide rules for the “conditional exemption” of intermediaries from liability (including a “notice and action” mechanism), while also imposing on intermediaries certain due diligence obligations that reflect the evolution in technology and business models since the EU legislation of the early 2000s.

Due diligence

Due diligence Data protection Compliance Court

Managing Legal Risks: Strategies for In-House Legal Counsel

MatterSuite

JULY 31, 2023

By staying informed, legal counsel can identify potential risks and take proactive measures to ensure compliance. Implement Comprehensive Compliance Programs Developing and implementing robust compliance programs is an essential strategy for managing legal risks.

Due diligence

Due diligence Intellectual Property Compliance Data protection

Managing Legal Risks: Strategies for In-House Legal Counsel

MatterSuite

JULY 9, 2023

By staying informed, legal counsel can identify potential risks and take proactive measures to ensure compliance. Implement Comprehensive Compliance Programs Developing and implementing robust compliance programs is an essential strategy for managing legal risks.

Due diligence

Due diligence Intellectual Property Compliance Data protection

Harnessing AI in Transactional Legal Work

Clio

FEBRUARY 21, 2025

From contract drafting to due diligence and deal efficiency, AI helps lawyers complete transactional legal tasks faster and more efficiently. Is keeping up with due diligence document review taking up a lot of staff time? AI wont replace transactional lawyers, but it is transforming how they work.

Due diligence

Due diligence Legal research Law firm Practice management

AI and Its Impact on the Legal Industry

MatterSuite

JULY 4, 2023

Ultimately enabling them to make more informed decisions and provide better counsel to their clients. Contract Analysis and Due Diligence: AI technologies, such as natural language processing (NLP), have made significant strides in automating contract analysis and due diligence processes.

Due diligence

Due diligence Machine learning e-discovery Legal research

What Are Billable Hours? A Guide for Lawyers

Rocket Matter

OCTOBER 3, 2023

This might include, but definitely isn’t limited to: Researching or performing due diligence for a client’s matter Correspondences or meetings related to a case Drafting briefs Filing paperwork Court appearances On the other hand, a great deal of legal work falls into the non-billable hour camp.

Time-tracking

Time-tracking Lawyer Due diligence Software

Summary of amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 in relation to online gaming

Ikigai Law

APRIL 7, 2023

Overview This note captures the key takeaways of Ministry of Electronics and Information Technology ( MeitY )’s amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 ( IT Rules 2021 ) to regulate online gaming ( the Amendment ). Compliance for OGIs under the Amendment 1.

Compliance

Compliance e-records e-filing Time-tracking

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Clio

JANUARY 30, 2024

Law firm data security should be a top priority for any practice, and here’s why: Clients trust you with their most confidential information. Despite these risks, law firms are obligated to protect their clients’ information. Check out our blog post on understanding HIPAA compliance for more information.

Law firm

Law firm Law Law Due diligence

Navigating Rapid Change: How AI Empowers Legal Teams to Stay Ahead

MatterSuite

AUGUST 28, 2023

This accelerates legal teams’ efficiency and prevents crucial details from being lost in the information overload. Analyzing past cases and judge behavior allows legal teams to make informed decisions on litigation, settlement, or alternative dispute resolution.

Due diligence

Due diligence Machine learning Analytics Dispute resolution

Recent SEC Enforcement Action Against App Annie Signals Continuing Focus on Data-related Disclosure and Policy Violations

Debevoise Data Blog

SEPTEMBER 20, 2021

To the extent that the data sets are being generated internally or scraped from the public Internet, make sure that there are policies and procedures to confirm regulatory compliance with contractual, IP and privacy obligations that may limit the use of that data.

Due diligence

Due diligence Compliance Analytics Law

Legal AI Tools

Lawmatics

JANUARY 23, 2024

Advanced algorithms can quickly analyze vast legal information databases, statutes, and case law to provide relevant and up-to-date information. Predictive analytics: AI can predict case outcomes based on historical data to help lawyers and legal professionals make more informed decisions about case strategy and settlement options.

Legal AI

Legal AI Legal Secretary e-discovery Paralegal

Top 10 (Well, 11) Cybersecurity Blog Posts for 2024

Debevoise Data Blog

DECEMBER 10, 2024

In this post, we discuss how companies can comply with NYDFSs current approach by establishing internal governance committees, conducting a gap assessment against existing controls and standardizing due diligence processes, among other practical tips.

Compliance

Compliance Due diligence Law Law

EU cyber regulation wave quietly rolls on – Commission set to finalize new cyber standards

Inside Privacy

DECEMBER 5, 2023

The draft ECCS builds on the Common Criteria for Information Technology Security Evaluation (ISO standard 15408) – a welcome albeit incomplete embrace of international standards – and is intended to cover a broad range of IT products with security components such as smartphones, bank cards, and routers. of global turnover.

Due diligence

Due diligence Compliance Law Law

Know Your (Crypto) Customer – New KYC rules in town!

Ikigai Law

MAY 11, 2023

With this change, crypto-businesses are subject to an entirely new compliance universe. It must then undertake ‘enhanced diligence’ like asking for additional KYC details or source of funds. Undoubtedly, these obligations will increase the compliance burden for crypto-businesses. The notification is straightforward.

Due diligence

Due diligence e-records Compliance Law

The Future of Legal Tech: How Technology Is Transforming the Business of Law

MatterSuite

OCTOBER 27, 2023

This helps lawyers to assess the strength of their cases and make informed decisions. Document Analysis: AI-driven software, such as Kira and Relativity, can review and extract critical information from documents, contracts, and emails. It automates the time-consuming process of document review and due diligence.

Legal tech

Legal tech Legal tech e-discovery Machine learning

Is There an AI Tool to Create Legal Documents?

Lawmatics

NOVEMBER 7, 2023

AI makes it easy for firms to create their own intake process and efficiently capture client information with client intake form templates. AI supports the review of large volumes of electronically stored information (ESI) such as documents, emails, social media content, and other digital data. Due diligence.

Client Intake

Client Intake Due diligence Legal advice Analytics

The State of State Law Cybersecurity Requirements

Debevoise Data Blog

SEPTEMBER 30, 2021

Almost everyone working in cybersecurity compliance is aware that each U.S. For example, in 2009, Massachusetts enacted several substantive requirements, including a written comprehensive information security program that contains administrative, technical, and physical controls. Code Ann. § See 201 Mass.

State law

State law Law Law Compliance

Harvey AI: What We Know So Far

Clio

MARCH 13, 2023

Harvey AI assists with contract analysis, due diligence, litigation, and regulatory compliance and can help generate insights, recommendations, and predictions based on data. While Harvey AI’s website provides minimal information about the product’s offerings, Open.AI invests in Harvey AI Harvey AI was among the Open.AI

Due diligence

Due diligence Practice management Law firm Software

OFAC’s Ransomware Advisory Part 2 – How Banks Can Reduce Their Sanctions Risk for Client Cyber Ransom Payments

Debevoise Data Blog

OCTOBER 4, 2021

In this Part 2, we discuss the measures that financial institutions can adopt to mitigate their ransomware sanctions risks, and why those compliance controls differ from the steps being taken by victims. These reviews can help determine which areas of the bank’s business may require heightened consideration for sanctions compliance.

Due diligence

Due diligence Compliance Data protection Law

Maturing Compliance with the Bulk Sensitive Data Rule (Data Security Program) before the July 8, 2025 Safe Harbor Expires

GDPR Considerations When Developing and Deploying AI Models: The EDPB’s Opinion on Compliance

Webinars

Trending Sources

Battle Royale: Alpha Modus Sues Walgreens for Patent Infringement

Webinars

FTC’s Consent Order Against Marriott: Expectations for Reasonable Security

Why Your Legal Team Deserves Better Tools in 2025

Everything You Should Know About AI Legal Tech

Part 2 – Helpful Guidance on Managing (Non-Cybersecurity) AI Risks from Hong Kong’s SFC

Top 7 Legal Contract Review Software Tools of 2025

Legal Operations Tools: What General Counsel Must Know Before Investing

European Data Protection Roundup – January 2025

When AI Failures Could Be “Operations Events” Under Form PF

Helpful Guidance on Managing AI-Related Cybersecurity Risks from Hong Kong’s SFC

Treasury’s Post-2024 RFI Report on AI in Financial Services – Uses, Opportunities, and Risks

Biden Administration Proposes to Limit Access to Sensitive Personal Data by Countries of Concern

Due Diligence Checklist: A Step-by-Step Guide

Streamlining Procurement: How RFPs Benefit Corporate Legal Teams and Law Firms

Law Firm Data Security: A Comprehensive Guide

Can Lawyers Ethically Store and Transmit Client Info in the Cloud?

PCI Compliance for Law Firms: A Comprehensive Guide

The UK Information Commissioner’s Data Protection Practioner’s Conference 2023 on Cybersecurity

Introducing Harvey AI: Revolutionizing the Legal Field with Artificial Intelligence

Cybersecurity in the Remote Work Era: AI, Employees and an Integrated Defense – With SessionGuardian’s Jordan Ellington and Oren Leib, and Katten’s Trisha Sircar (TGIR Ep. 211)

The Legal Ethics of Cloud Computing & SaaS

The SEC’s New Risk Alert Warns about the Use of Alternative Data

Not Again! Two More Cases, Just this Week, of Hallucinated Citations in Court Filings Leading to Sanctions

The European Union’s Digital Services Act: In Force from This Saturday, February 17, 2024, Including for U.S. Intermediaries (Guest Blog Post)

Managing Legal Risks: Strategies for In-House Legal Counsel

Managing Legal Risks: Strategies for In-House Legal Counsel

Harnessing AI in Transactional Legal Work

AI and Its Impact on the Legal Industry

What Are Billable Hours? A Guide for Lawyers

Summary of amendments to the Information Technology (Intermediary Guidelines and Digital Media Ethics Code) Rules, 2021 in relation to online gaming

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Navigating Rapid Change: How AI Empowers Legal Teams to Stay Ahead

Recent SEC Enforcement Action Against App Annie Signals Continuing Focus on Data-related Disclosure and Policy Violations

Legal AI Tools

Top 10 (Well, 11) Cybersecurity Blog Posts for 2024

EU cyber regulation wave quietly rolls on – Commission set to finalize new cyber standards

Know Your (Crypto) Customer – New KYC rules in town!

The Future of Legal Tech: How Technology Is Transforming the Business of Law

Is There an AI Tool to Create Legal Documents?

The State of State Law Cybersecurity Requirements

Harvey AI: What We Know So Far

OFAC’s Ransomware Advisory Part 2 – How Banks Can Reduce Their Sanctions Risk for Client Cyber Ransom Payments

Stay Connected