Alongside their counterparts across IT, security, privacy, etc., general counsel should work to address four central categories of AI accountability: who may be impacted, organizational risks, ethics and financial considerations.
This article outlines essential questions the general counsel can ask to strengthen governance across these pillars.
In February 2024, the U.S. Department of Health and Human Services (HHS) issued the much anticipated final rule to update the Confidentiality of Substance Abuse Disorder Patient Records regulations at 42 CFR Part 2 (Part 2).
This article discusses the amendments to Part 2 and its most impactful revisions, including the amendments to loosen patient consent requirements, regulate SUD counseling notes, and create new patient rights and breach notification requirements.
This article highlights 10 key takeaways for US companies regarding the EU AI Act, which imposes a comprehensive regulatory framework for AI systems. With its extraterritorial scope, the EU AI Act may impact US companies placing AI systems in the EU market or whose AI outputs are used within the EU.
On March 6, 2024, the US Securities and Exchange Commission ("SEC") finalized new climate disclosure rules for public companies, mandating comprehensive reporting on climate-related risks and their impacts on business operations. This article explores the details of the new requirements, the rationale behind the changes, and the implications for corporate transparency in addressing climate risks.
A selection of resources on Canadian IP law and Intellectual Property legal issues.
One of the most common use cases for eDiscovery workflows is Hart–Scott–Rodino (HSR) second requests. This article discusses what HSR second requests are, how eDiscovery for HSR second requests differs from eDiscovery for litigation, and six considerations for conducting HSR second requests effectively.
The emergence of technology has helped automate the continually changing requirements for privacy compliance.
This article discusses how automation can also be applied to create a “data harbor” to automate data loss prevention (DLP) within organizations through an approach that involves next-gen data protection as a service.
This article looks at six programs to take data protection to another level, many of which include disciplines beyond cybersecurity. These are organization wide initiatives that need to be addressed.
A selection of resources on succession planning for the in-house law department.
A selection of resources regarding environmental risk due diligence in transactions.