Blog | Outside GC | compliance

Understanding the CCPA: Key Provisions and Readiness Checklist

November 4, 2019 at 8:15 AM - compliance,

A first of its kind in the U.S., the California Consumer Privacy Act of 2018 (CCPA) is shaping up to be one of the most ambitious privacy legislations in the world; and with 17 additional states so far following its lead, data privacy protection is finally having its day in the United States. Effective January 1, 2020, the CCPA will become enforceable as early as next spring. More specifically, the Act will be enforced on the earlier of either July 1, 2020 or 6 months from the date of issuance of the final regulations, following the California Attorney General’s enforcement guidelines (expected mid-September).

Nonprofit Regulation Compliance: Sweepstakes and Other Prize Promotions

August 8, 2019 at 10:32 AM - compliance,

In her latest ACC Docket article, Outside GC's Lakshmi Sarma Ramani discusses the use of prize promotions, such as sweepstakes and contests, by nonprofit organizations, highlighting their obligation to comply with federal and state prize promotion laws despite being exempt from other tax laws.

What Nonprofits Should Know About Anticorruption Laws

June 25, 2019 at 9:30 AM - compliance,

Outside GC's Lakshmi Sarma Ramani regularly advises nonprofit organizations on a wide range of legal and business issues. In her latest ACC Docket article, Ramani reminds nonprofits to be mindful of their anticorruption responsibilities in the U.S and abroad, including those arising under the U.S. Foreign Corrupt Practices Act (FCPA).

Reading the Tea Leaves: What Do GDPR Enforcement Efforts Tell Us?

May 10, 2019 at 3:47 PM - compliance,

Despite the global angst preceding the GDRP’s effective date, there’s been seemingly little news about enforcement efforts against noncompliant businesses. But, the reality is that EU regulators have been very busy working behind the scenes. As of February, 2019, nearly 100,000 claims under the GDPR have been lodged with EU national data protection authorities (“DPAs”), many relating to telemarketing and promotional e-mails. Similarly, just over 40,000 data breaches were reported to the DPAs; and 255 investigations into EU cross-border processing activities were initiated, mostly as a result of complaints filed by individuals.

An Overview of the U.S. State Fundraising Regulations for Tax Exempt Organizations

April 9, 2019 at 3:37 PM - compliance,

In her latest ACC Docket article, Outside GC attorney Lakshmi Sarma Ramani reviews U.S. state fundraising regulations which apply to nonprofit organizations and their corporate partners.

4 Ways To Ensure HIPAA Compliant Business Associate Agreements

December 18, 2018 at 9:10 AM - compliance,

In the wake of an historic, multi-state lawsuit filed against a “Business Associate” earlier this month, it is imperative that companies with business associate agreements (BAA) in place with health care/plan customers review internal data security policies and procedures to ensure they are in compliance with their obligations arising under HIPAA, state privacy laws and the BAAs.

Update on the EU-U.S. Privacy Shield's Status

October 31, 2018 at 9:18 AM - compliance,

Outside GC Member Stephan Grynwajc continues to keep a close eye on the fate of the EU-U.S. Privacy Shield data-sharing arrangement.

State Regulatory Oversight of Tax-Exempt Organizations

July 25, 2018 at 5:57 PM - compliance,

Tax-exempt organizations must become increasingly aware of the regulatory landscape in which they operate. In this ACC Docket article, Lakshmi Sarma-Ramani, a Member with our Washington D.C.-based team, provides an overview of state oversight areas that carry registration or reporting requirements.

Headquarters

ON-DEMAND INSIGHTS