All Episodes
Displaying 21 - 40 of 98 in total
Episode 21 — Information Management: Data Inventory and Classification Practices
Strong privacy programs begin with knowing what data you have. This episode covers how organizations build and maintain a data inventory, cataloging personal informati...
Episode 22 — Data Flow Mapping: Transfers, Sharing, and Accountability Controls
Data doesn’t stay put—it flows across systems, organizations, and borders. This episode explains how to map those flows, identify points of transfer, and implement con...
Episode 23 — Privacy Program Development: Workforce Training and Vendor Management
Building a privacy program is more than drafting policies—it requires embedding privacy into operations. In this episode, we cover workforce training, including how to...
Episode 24 — Cloud and Third-Party Sharing: Processing Agreements and Due Diligence
Cloud services and third-party vendors introduce unique privacy challenges. This episode examines how processing agreements define roles and responsibilities between c...
Episode 25 — Incident Response Programs: Ransomware and Vendor Incidents
Privacy law intersects with cybersecurity when incidents occur. This episode explains how organizations build incident response programs to address threats like ransom...
Episode 26 — Accountability Models: Demonstrating Compliance and Due Diligence
Accountability is the thread connecting all privacy obligations. In this episode, we define accountability models as frameworks for demonstrating compliance through do...
Episode 27 — Data Retention and Disposal: Lifecycle, Archiving, and Legal Holds
Data has a lifecycle, and managing it responsibly is critical for privacy compliance. This episode covers retention schedules that specify how long data must be kept, ...
Episode 28 — Online Privacy: Tracking, Profiling, and Consumer Expectations
The online environment presents unique privacy risks. This episode examines how tracking technologies, behavioral profiling, and targeted advertising shape consumer ex...
Episode 29 — International Transfers: Schrems, SCCs, and Data Privacy Framework
U.S. companies regularly transfer data across borders, triggering international privacy obligations. This episode introduces the Schrems cases, which invalidated earli...
Episode 30 — Multinational Conflicts: E-Discovery vs. EU Data Protection
Privacy law collides with other legal obligations when organizations face multinational conflicts. This episode highlights the tension between U.S. e-discovery require...
Episode 31 — Comparative Analysis: U.S. Privacy vs. GDPR and FADP
This episode explores how U.S. privacy frameworks compare to the European Union’s General Data Protection Regulation (GDPR) and Switzerland’s Federal Act on Data Prote...
Episode 32 — Domain II Overview: Federal vs. State Sector-Specific Frameworks
Domain II focuses on federal and state laws governing specific sectors such as health, finance, education, and telecommunications. This episode introduces the federal ...
Episode 33 — FTC Authority: Section 5 and Consumer Protection in Privacy
The Federal Trade Commission is often described as the nation’s top privacy cop. This episode dives into Section 5 of the FTC Act, which prohibits unfair and deceptive...
Episode 34 — COPPA: Children’s Online Privacy Protections in Services
Children’s privacy carries heightened protections in U.S. law. This episode introduces the Children’s Online Privacy Protection Act (COPPA), which governs the collecti...
Episode 35 — FTC Enforcement: Case Studies and Settlement Patterns
Enforcement brings theory into practice. In this episode, we review major FTC privacy and data security cases, highlighting recurring themes such as inadequate securit...
Episode 36 — Future Priorities: Data Brokers, IoT, AI, and Biometrics
Privacy law continues to evolve as technology advances. This episode highlights priority areas identified by regulators and policymakers, including the risks posed by ...
Episode 37 — HIPAA Foundations: Privacy Rule Overview
The Health Insurance Portability and Accountability Act (HIPAA) remains one of the most significant federal privacy statutes. This episode explains the Privacy Rule, w...
Episode 38 — HIPAA Security Rule: Administrative, Physical, Technical Safeguards
Complementing the Privacy Rule, the HIPAA Security Rule sets standards for protecting electronic protected health information (ePHI). This episode breaks down its thre...
Episode 39 — HITECH: Enforcement and Breach Notification Enhancements
The Health Information Technology for Economic and Clinical Health Act (HITECH) strengthened HIPAA enforcement and introduced federal breach notification requirements....
Episode 40 — 21st Century Cures: Interoperability and Data Sharing
The 21st Century Cures Act sought to promote innovation by improving interoperability and data sharing in healthcare. This episode explains how the Act prohibits “info...