Compliance and Federal law - Legal Tech Connection

Maturing Compliance with the Bulk Sensitive Data Rule (Data Security Program) before the July 8, 2025 Safe Harbor Expires

Debevoise Data Blog

MAY 28, 2025

On April 11, 2025, shortly after the first effective date of the DSP the National Security Division (NSD) of DOJ issued asuite of three policy and guidance documents to facilitate compliance with the DSP, including a 90 day civil enforcement safe harbor for good-faith compliance. Intelligence Community.

Compliance

Compliance Due diligence Time-tracking Federal law

Privacy Law: Status of Legal Practice Area in 2025

Martindale-Avvo

APRIL 30, 2025

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 and the Childrens Online Privacy Protection Act (COPPA) of 1998 were significant federal advances in the areas of health information privacy and childrens online data. These few federal laws apply to only some kinds of information.

Law

Law Law Federal law Data protection

CPPA Proposed Rulemaking Package Part 2 – Automated Decision-Making Technology

Debevoise Data Blog

FEBRUARY 13, 2025

The Draft Regulations note several federal law preemptions, including for entities and data subject to HIPAA, entities and data subject to the FCRA, and data subject to the GLBA. On the other hand, an AI tool that is used to produce an investment summary is arguably not ADMT because the investment summary itself is not a decision.

Compliance

Compliance Machine learning Federal law International law

Webinars

No Objections: Better Case Management with AI for Paralegals

MORE WEBINARS

Staying Compliant in U.S. Investigations: How to Protect Privacy Without Losing Momentum

Lineal Services

APRIL 11, 2025

For global organizations and international law firms, conducting internal investigations that involve U.S. privacy compliance depends on navigating a maze of federal statutes, state-level laws, and industry-specific regulations. Instead, U.S. Data Retention: A Double-Edged Sword U.S. and international standards.

Compliance

Compliance Time-tracking Federal law International law

Building a Digital Future: Is America Ready for a Federal Digital Bill of Rights?

Richmond Journal of Law and Technology

MARCH 7, 2025

Compliance complications could lead to businesses’ complete refusal to use data insights: “While this will certainly ensure the company does not run into data privacy non-compliance issues, it can also stifle future innovation and efficiency. For companies of any size, data insights can drive success.” [16]

Compliance

Compliance Data protection Federal law Court

Unlikely Careers for Lawyers

Legal Talk Network

JUNE 27, 2024

Their role involves assisting individuals and entities in the industry with navigating complex startup procedures, transactional and compliance requirements, extensive licensing processes, and other related challenges, making them a crucial part of this rapidly growing industry.

Lawyer

Lawyer Defendant Prosecutor Judge

A Guide to 5 Key Data Compliance Regulations for Legal Teams

MatterSuite

DECEMBER 12, 2024

Amidst a world where cyber threats are becoming very advanced and prevalent, it is now imperative to uphold robust compliance to security frameworks, as well as sufficient cybersecurity measures , to secure data. Further, it will encompass several data compliance standards, besides being at the same time debating certain challenges.

Compliance

Compliance Data protection Failure-to-appear Time-tracking

Pandemic-Related Legal Ethics Opinions: A Compendium

LawSites

SEPTEMBER 23, 2021

This practice may include the law of their licensing jurisdiction or other law as permitted by ABA Model Rule 5.5(c) c) or (d), including, for instance, temporary practice involving other states’ or federal laws. Florida Advisory Opinion FAO #2019-4 (May 20, 2021).

Intellectual Property

Intellectual Property Court Attorney Lawyer

The Highest-growth Legal Practice Areas in 2024 and Beyond

Clio

AUGUST 28, 2024

Privacy and cybersecurity Privacy and cybersecurity laws are complex and vary between states (e.g., CCPA laws ). Also, these lawyers reduce privacy and security risks to comply with applicable state and federal laws. These laws also vary by industry, depending on who you’re doing business with.

Intellectual Property

Intellectual Property Mediator Lawyer Time-tracking

FTC and HHS Announce Updated Health Privacy Publication

Inside Privacy

SEPTEMBER 25, 2023

In addition to these general guidelines, the guidance also contains a number of specific examples of actions that may trigger FTC Act compliance concerns.

Compliance

Compliance Federal law Law Law

CJEU rules on DPO conflicts of interest under the GDPR

Technology Law Dispatch

FEBRUARY 22, 2023

The independence of the DPO must be preserved so that a proper review of the compliance of those objectives and methods in light of the GDPR and EU law. Implications The judgment confirms that DPOs do have the ability to carry out roles in addition to the DPO function, so long as it does not result in a conflict of interest.

Data protection

Data protection Court Compliance Federal law

New Requirements for Localisation of Major Internet Companies in Russia

Debevoise Data Blog

AUGUST 19, 2021

On 1 July 2021, [1] Federal Law No. 236-FZ on the Internet Activities of Foreign Entities in the Russian Federation (the “Law”) [2] came into force, requiring establishment of local presence, such as a branch, a representative office, or a subsidiary, for foreign Internet companies whose activities are focused on Russian users.

Federal law

Federal law Court Compliance Software

Preparing for AI Whistleblowers

Debevoise Data Blog

APRIL 24, 2024

1] In March, the DOJ announced a new pilot whistleblower rewards program that reaffirmed its focus on AI, stating that prosecutors would integrate AI assessments into evaluations of corporate compliance programs and would seek “stiffer sentences” for AI misuse. [2] DOJ Whistleblower Program On March 7, 2024, Deputy Attorney General Lisa O.

e-records

e-records Federal law Prosecutor Compliance

Southwest’s Technology Troubles Accelerate DOT Action?

The North Carolina Journey of Law and Technology

JANUARY 26, 2023

However, federal law requires airlines to reimburse passengers for canceled or, in some situations, “significantly delayed” flights. In early January, the DOT issued a notice to “reaffirm its commitment to vigorously enforce the law to protect aviation consumers.” Department of Transportation (“DOT”) make things “right?”

Federal law

Federal law Software Compliance Hearing

Are Electronic Signatures Legally Binding? What Lawyers Should Know

Rocket Matter

AUGUST 22, 2024

Let’s discuss the legality of eSignatures, their enforceability, and how lawyers can leverage them effectively within their practice while maintaining compliance. The Advantages of eSignatures for Law Firms The legal validity of eSignatures is crucial and their benefits extend far beyond simply replacing wet signatures.

Lawyer

Lawyer e-records Law firm Compliance

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

Clio

JANUARY 30, 2024

HIPAA : The Health Insurance Portability and Accountability Act (HIPAA) is a federal law that requires healthcare providers and “ business associates ” to protect protected health information (PHI) from inadvertent disclosure. Check out our blog post on understanding HIPAA compliance for more information. Are they compliant?

Law firm

Law firm Law Law Due diligence

How to Make Sure Your Law Firm's Website is ADA Compliant

Centerbase

NOVEMBER 29, 2022

Ensuring that your law firm’s website is ADA compliant is another way to show that you care. In this blog, we’ll cover the basics of the ADA and ADA compliance. We’ll also dive into how to make your law firm website accessible and why, above all, accessibility matters and should be strived for. What is ADA compliance?

Law firm

Law firm Lawsuit Law Law

Washington’s Novel Health Data Law: An In-Depth Look

Debevoise Data Blog

AUGUST 2, 2023

Although states continue to pass comprehensive privacy laws in 2023, Washington’s My Health My Data Act (“MHMDA”) deserves closer attention due to its breadth as well as its novel—and potentially onerous—provisions. What Are the Key Substantive Obligations?

Law

Law Law e-records Time-tracking

A Closer Look at 2023 U.S. State Privacy Law Activity: Washington State

Debevoise Data Blog

AUGUST 2, 2023

Although states continue to pass comprehensive privacy laws in 2023, Washington’s My Health My Data Act (“MHMDA”) deserves closer attention due to its breadth as well as its novel—and potentially onerous—provisions. What Are the Key Substantive Obligations?

Law

Law Law e-records Time-tracking

Face Forward: Strategies for Complying with Facial Recognition Laws

Debevoise Data Blog

OCTOBER 18, 2021

Unlike BIPA, the Washington law has not yet been tested in the courts, nor has the Washington attorney general announced any enforcement actions arising under it. c) Texas Texas’s biometric privacy law also imposes similar requirements to BIPA, but allows more avenues for compliance.

Law

Law Law Court Time-tracking

Are Electronic Signatures Legal?

Clio

MARCH 14, 2024

ESIGN, UETA, and laws governing e-signatures in the US In the US, there are two primary laws governing electronic signatures: The Electronic Signature in Global and National Commerce (ESIGN) Act is a federal law that serves to create a US standard for electronic signatures. The ESIGN Act applies nationwide.

e-records

e-records e-filing Client Intake Court

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

Debevoise Data Blog

OCTOBER 26, 2021

In this part, we assess where the law seems to be heading and offer some practical risk reduction strategies. Federal and State Legislation There is currently no federal law that specifically regulates biometric privacy. No comprehensive and preemptive federal law seems likely to pass anytime soon.

Compliance

Compliance Federal law Data protection Machine learning

What the ADPPA Means for U.S. Data Regulation

Debevoise Data Blog

JULY 12, 2022

The ADPPA places direct obligations on service providers, including obligations not found in other state privacy laws such as a prohibition on transferring data (except to another service provider) without affirmative express consent. ADPPA § 302(a). ADPPA § 404(b)(1)‑(3).

State law

State law Federal law Compliance Data protection

New Cyber Incident Reporting Coming for Critical Infrastructure: Five Key Takeaways

Debevoise Data Blog

MARCH 16, 2022

Instead, the Act further centralizes CISA as the primary hub within the federal government for information sharing and allows CISA to refer cases to the Department of Justice and other federal agencies for enforcement and prosecution of other federal laws or regulations. Expanding Federal Cybersecurity Enforcement.

Due diligence

Due diligence Federal law Compliance Attorney

NYC’s AI Hiring Law Is Now Final and Effective July 5, 2023

Debevoise Data Blog

APRIL 12, 2023

In this Debevoise Data Blog post, we discuss the current state of the AEDT Law and highlight how the final changes impact employers’ compliance obligations. The Final Rules address many of the issues raised during the comment period but also increase the compliance burden for employers.

Law

Law Law Compliance Machine learning

Biden Administration Acts to Limit Access to Sensitive Personal Data by Countries of Concern

Debevoise Data Blog

MARCH 5, 2024

government; and (4) transactions required or authorized by federal law or international agreements. ◦ government; and (4) transactions required or authorized by federal law or international agreements. ◦ Compliance requirements. companies and individuals develop and implement risk-based compliance programs.

Compliance

Compliance e-records Federal law Court

A Takedown of the Take It Down Act

Eric Goldman

JUNE 5, 2025

Section 3: Notice and Removal of Nonconsensual Intimate Visual Depictions Alongside its criminal provisions, the Act imposes new civil compliance obligations on online services that host user-generated content. For authentic images, the law could easily reach innocent but revealing photos of minors shared online.

Failure-to-appear

Failure-to-appear Prosecutor Court Law

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Debevoise Data Blog

JANUARY 16, 2025

company and its foreign subsidiaries and transactions required by federal law or international agreements. Third-Party Contractual and Compliance Obligations The rule prohibits data brokerage with any foreign person who is not a covered person unless the U.S. DOJ expects U.S. Noncompliance may result in enforcement action.

Compliance

Compliance Due diligence e-records Time-tracking

Legal Tech Connection

Maturing Compliance with the Bulk Sensitive Data Rule (Data Security Program) before the July 8, 2025 Safe Harbor Expires

Privacy Law: Status of Legal Practice Area in 2025

Webinars

Trending Sources

CPPA Proposed Rulemaking Package Part 2 – Automated Decision-Making Technology

Webinars

Staying Compliant in U.S. Investigations: How to Protect Privacy Without Losing Momentum

Building a Digital Future: Is America Ready for a Federal Digital Bill of Rights?

Unlikely Careers for Lawyers

A Guide to 5 Key Data Compliance Regulations for Legal Teams

Pandemic-Related Legal Ethics Opinions: A Compendium

The Highest-growth Legal Practice Areas in 2024 and Beyond

FTC and HHS Announce Updated Health Privacy Publication

CJEU rules on DPO conflicts of interest under the GDPR

New Requirements for Localisation of Major Internet Companies in Russia

Preparing for AI Whistleblowers

Southwest’s Technology Troubles Accelerate DOT Action?

Are Electronic Signatures Legally Binding? What Lawyers Should Know

2024 Law Firm Data Security Guide: How to Keep Your Law Firm Secure

How to Make Sure Your Law Firm's Website is ADA Compliant

Washington’s Novel Health Data Law: An In-Depth Look

A Closer Look at 2023 U.S. State Privacy Law Activity: Washington State

Face Forward: Strategies for Complying with Facial Recognition Laws

Are Electronic Signatures Legal?

Face Forward Part 2: Proposed Legislation and Strategies for Compliant Use of Facial Recognition

What the ADPPA Means for U.S. Data Regulation

New Cyber Incident Reporting Coming for Critical Infrastructure: Five Key Takeaways

NYC’s AI Hiring Law Is Now Final and Effective July 5, 2023

Biden Administration Acts to Limit Access to Sensitive Personal Data by Countries of Concern

A Takedown of the Take It Down Act

National Security Update: DOJ Unveils Rules Restricting Sensitive Bulk Data Transfers

Stay Connected