• |

    Apr. 29, 2026

Navigating an Increasingly Risky Health Data Landscape: Why the NAI’s Factor Analysis Matters

Health data has become one of the most sensitive categories of PI, expanding far beyond HIPAA‑regulated healthcare settings to include consumer apps, digital advertising and analytics. As states enact a growing patchwork of privacy and health‑specific laws with inconsistent definitions, organizations face increasing uncertainty and enforcement risk when classifying non‑HIPAA data. In response, the Network Advertising Initiative (NAI) recently released its Factor Analysis for Health‑Related Sensitive Personal Information, a five‑factor, context‑driven framework to support more disciplined, risk‑based decisions. In this guest article, Kelley Drye partner Aaron Burstein and associate Meaghan Donahue examine the complex regulatory forces and how companies can use contextual frameworks like the NAI’s to navigate the health data landscape more effectively. See “Addressing the Operational Complexities of Complying With the Washington My Health My Data Act” (Apr. 3, 2024).

Perspectives From Judges on Privacy Protections and Impact of AI in Federal Courts

What privacy issues keep federal judges up at night? How is the judiciary adapting to AI while addressing issues like hallucinations and deepfakes? To answer these questions and more, Michael Sussmann, a partner at Fenwick, spoke to Chief Judge James Boasberg of the U.S. District Court for the District of Columbia and Judge Allison Burroughs of the U.S. District Court for the District of Massachusetts at the IAPP Global Summit 2026. The judges shared their perspectives on balancing litigants’ concerns over privacy and confidentiality with the public’s right to open judicial proceedings; government surveillance; the complex technological issues they must address; how AI, other technological changes and cybersecurity concerns are affecting litigation and courts; and issues around class action and multidistrict privacy litigation. This article synthesizes their insights. See “Litigation Landscape for Cookie and Tracking Technology Claims Brought Under Federal Privacy Statutes” (Jan. 21, 2026).

Small Firms Must Be Ready to Comply With Amended Regulation S‑P

The SEC’s amended Regulation S‑P requires investment advisers, broker-dealers and other covered firms to strengthen safeguards for customer information, including adopting written incident response and breach notification procedures. The changes, finalized in June 2024, took effect for large firms as of December 3, 2025, and will take effect for smaller managers on June 3, 2026. This article distills key compliance takeaways from a Seward & Kissel program on preparing for the amendments, with a focus on incident response planning and third‑party oversight. See “What to Know About the Sleeping Giant That Is the SEC’s Amended Reg S‑P” (Dec. 10, 2025).

Most-Read Articles

Trailblazing Women – Contributions, Achievements and Observations of Outstanding Leaders

To mark International Women’s Day, Law Report Group editors, along with our colleagues across ION Analytics’ products, interviewed outstanding women in the industries and jurisdictions we cover. In this article, Jill Abitbol, Robin Barton, Rorie Norton and Megan Zwiebel profile notable women in the data privacy, cybersecurity, AI, private funds and anti-corruption law fields, including (i) Paula Howell Anderson, (ii) Gwendolyn Lee Hassan, (iii) Audrey Koh, (iv) Stacy Feuer, (v) Heather Egan, (vi) Jeewon Serrato, (vii) Stephanie Breslow, (viii) Anne Choe, (ix) Heather Wyckoff, (x) Angie Batterson, (xi) Jacqueline Eaves, and (xii) C. Dabney O’Riordan.

Enjoy reading their inspiring remarks here.