California Adopts Privacy, Cybersecurity, ADMT Regulations and Amendments

August 20, 2025 in CCPA, CPPA, Cybersecurity, Data Privacy, Artificial Intelligence, State Legislation

The California Privacy Protection Agency (CPPA) has adopted final regulations on privacy risk assessments, cybersecurity audits, and automated decisionmaking technology (ADMT), as well as amendments to existing CCPA regulations. Final publication of the regulations is pending review by the Office of Administrative Law, and depending on when that occurs, the regulations will likely take effect 10/1/2025 or 1/1/2026. Some key concepts from these regulations, and actions to consider, are below.

GenAI in the Workplace: Hong Kong PCPD Releases Checklist for Employer Policies

April 09, 2025 in Artificial Intelligence, Data Privacy, GenAI, Global Privacy & Security, Global Privacy Updates, Workplace Privacy

By Leslie Veloz and Jennifer Ruehr

The Hong Kong Office of the Privacy Commissioner for Personal Data (“PCPD”) recently published its Checklist on Guidelines for the Use of Generative AI by Employees (“Checklist”). The goal of the Checklist is to help organizations draft internal policies and procedures governing employee use of generative AI (“GenAI”) tools, especially where GenAI is used to process personal data.

Workplace Privacy – 5 Things I’m Keeping in Mind for 2025

January 21, 2025 in Technology Law, Workplace Privacy, Artificial Intelligence, GenAI, FCRA

By Jennifer Ruehr

Many of us are returning to work this month with New Year’s resolutions, predictions, and lists top of mind, and top of inbox. As I turn back to work, I’m thinking ahead to how U.S. laws and regulations are going to impact my clients from a workforce perspective. Here’s what is top of mind for me right now:

Fair Credit Reporting Act
State law AI requirements
Biometrics in the workplace
Genetic data risk
Workplace monitoring