Checklists
You Have to Save Them - The Documents, That Is. But How?
This resource covers how to create and enforce effective document retention policies, especially for organizations in the health-care industry.
This resource covers how to create and enforce effective document retention policies, especially for organizations in the health-care industry.
While data protection is an organization wide initiative, there are some best practices your organization can quickly implement to significantly bolster protection of your (and your clients’) sensitive data.
This article looks at six programs to take data protection to another level, many of which include disciplines beyond cybersecurity. These are organization wide initiatives that need to be addressed.
The emergence of technology has helped automate the continually changing requirements for privacy compliance.
This article discusses how automation can also be applied to create a “data harbor” to automate data loss prevention (DLP) within organizations through an approach that involves next-gen data protection as a service.
A sample request for proposal (RFP) that can be used as a starting point to help select a contract lifecycle management software (CLM) vendor.
This article highlights 10 key takeaways for US companies regarding the EU AI Act, which imposes a comprehensive regulatory framework for AI systems. With its extraterritorial scope, the EU AI Act may impact US companies placing AI systems in the EU market or whose AI outputs are used within the EU.
This sample is a basic outline of a generative artificial intelligence (GAI) policy.
This survey report examines the extent to which GenAI is being utilized, and the impact it is having on legal work, in-house roles, and department.
In February 2024, the U.S. Department of Health and Human Services (HHS) issued the much anticipated final rule to update the Confidentiality of Substance Abuse Disorder Patient Records regulations at 42 CFR Part 2 (Part 2).
This article discusses the amendments to Part 2 and its most impactful revisions, including the amendments to loosen patient consent requirements, regulate SUD counseling notes, and create new patient rights and breach notification requirements.
Alongside their counterparts across IT, security, privacy, etc., general counsel should work to address four central categories of AI accountability: who may be impacted, organizational risks, ethics and financial considerations.
This article outlines essential questions the general counsel can ask to strengthen governance across these pillars.