Jul. 15, 2026
Jul. 15, 2026
Compliance Lessons From NYDFS’ Delta Dental Settlement
For companies subject to the New York Department of Financial Services (NYDFS) Cybersecurity Regulation, the agency’s recent settlement with Delta Dental Insurance Company and Delta Dental of New York, Inc. (collectively, Delta Dental) serves as a reminder that gaps in data governance and incident reporting can carry significant enforcement consequences. The NYDFS imposed a $2.25‑million fine on Delta Dental after alleging it failed to maintain required data retention controls and to timely report a breach. This article examines key aspects of the consent order and offers practical compliance lessons, drawing on insights from experts, including former NYDFS officials, at Clifford Chance, Crowell & Moring, Mayer Brown and Pillsbury. See “Practical Compliance Implications From NYDFS’ Healthplex Settlement” (Sep. 17, 2025). Read full article …
How the Whole-of-State Movement Is Protecting the Community Organizations the Private Sector Depends On
Some of the organizations most essential to daily economic life – rural hospitals, schools, municipalities, local utilities and small businesses – are also the least equipped to defend themselves against cyberattacks, even as they hold troves of sensitive data. When these “target-rich, resource-poor” organizations are knocked offline, the disruption ripples outward to the businesses, workers and communities that rely on them. A growing “whole-of-state” movement is beginning to address these organizations’ weaknesses through community cyber defense programs that pair local cybersecurity talent with the entities that need it most. In this guest article, Grace Menna, senior fellow of public interest cybersecurity at UC Berkeley Center for Long-Term Cybersecurity, explains how these programs work, why the resilience of smaller organizations is a business-continuity issue for the private sector, and the concrete, often low-cost, ways legal and compliance professionals can help, through pro bono counsel, technical volunteering, advocacy and funding, to strengthen the infrastructure on which their own operations depend. See “CISA and Chamber of Commerce Officials Discuss Cyber Essentials’ Six Pillars for Small Businesses” (Aug. 4, 2021). Read full article …
Safeguards for Using AI in Legal Practice
Lawyers, judges, legal departments and courts are all struggling to figure out how to fit AI into their legal work, what it can and cannot do, what risks must be managed, and how to use it without sacrificing judgment, skill and professional responsibility. As legal professionals grapple with this defining moment, the focus has shifted from whether to use AI to how to use it responsibly and effectively. At a recent panel discussion, experts from the bench, academia, law firms and the tech sector discussed AI training, a framework of safeguards, use documentation and privilege. This article distills their insights, priorities and strategies. See “How Tech CLOs Think Attorneys Should Be Using AI” (Apr. 22, 2026). Read full article …
Most-Read Articles
-
Jun. 10, 2026
Colorado and Connecticut AI Laws: Mapping Scope and Core Provisions -
Jun. 10, 2026
Checklist for Contracting With AI Vendors to Mitigate Risks -
Mar. 25, 2026
AI Agent Security: What CISOs and GCs Need to Know to Defend the Enterprise -
Jun. 17, 2026
Colorado and Connecticut AI Laws: Preparing to Comply -
Apr. 22, 2026
How Tech CLOs Think Attorneys Should Be Using AI