On August 14, 2025, the New York Department of Financial Services (“NYDFS”) entered into a consent order with Healthplex, Inc, (“Healthplex”), which is licensed by NYDFS as an independent claims adjuster and as a life and/or accident health insurance agent.
On July 24, 2025, the California Privacy Protection Agency (CPPA) approved regulations that would impose a new requirement under the California Consumer Privacy Act: mandatory annual cybersecurity audits for certain businesses. These new requirements are now undergoing review by the
On July 23, 2025, the White House released a sweeping new policy framework titled “Winning the AI Race: America’s AI Action Plan” (the “Plan”), describing the federal government’s approach to artificial intelligence (“AI”). This initiative, developed under the
Discover how artificial intelligence is reshaping the future of mergers and acquisitions. From identifying strategic opportunities to streamlining due diligence and enhancing contract negotiations, AI is revolutionizing every stage of the M&A process. This article explores the tangible advantages of
The Data (Use and Access) Act (DUAA) received Royal Assent on 19 June 2025. The DUAA enacts the changes to the UK’s data protection regime that have been contemplated since the Data: a new direction consultation in
As organisations continue with their roll-out of AI, the global regulatory landscape is becoming increasingly complex. AI-specific laws like the EU AI Act already applicable and new AI-specific laws are proposed, adding to the range of existing laws and regulations
On June 27, 2025, the California Civil Rights Council, which is part of the Civil Rights Department, published revised regulations to protect against employment discrimination as a result of an employer’s use of artificial intelligence (AI) and other technologies that
As artificial intelligence (AI) continues to grow in capability and adoption, the technology infrastructure required to support it is rapidly expanding. The rise of AI has led to the development of specialized data centres built to handle the high computational demands associated with AI workloads.
The proposed $1.55 million CCPA settlement with Healthline is not just the largest of its kind to date – it is, more importantly, it marks a pivotal evolution in how American regulators are approaching consumer privacy enforcement.
The facts are
Most incidents handled by our Norton Rose Fulbright cyber team originate from the customer’s service provider. In many cases it is the service provider’s systems, infrastructure and environment which proves to be the most vulnerable to cyber breaches and security