Alston & Bird Privacy, Cyber & Data Strategy Blog

Your AI Scribe May Be Taking Notes (and Plaintiffs Are Too)

April 27, 2026 By Daniel Felz, Jennifer Everett, Jennifer Pike and Sara Pullen

On April 7, 2026, several plaintiffs (“Plaintiffs”) filed a putative class action complaint in the Northern District of California against Sutter Health, Memorial Health Services Inc. and Memorial Care Medical Foundation (the “Providers”). The complaint alleges the Providers illegally recorded Plaintiffs’ confidential medical information by using an AI-powered “ambient clinical documentation” tool to record clinician-patient conversations during medical visits. This suit may highlight a growing … [Read more] about Your AI Scribe May Be Taking Notes (and Plaintiffs Are Too)

Challenge to Utah’s App Store Accountability Act Voluntarily Dismissed Following Statutory Amendments

April 27, 2026 By Maki DePalo and Hyun Jai Oh

On April 21, 2026, the Computer & Communications Industry Association (trade association) voluntarily dismissed its constitutional challenge to the Utah App Store Accountability Act (ASAA). The dismissal follows statutory amendments enacted … [Read more] about Challenge to Utah’s App Store Accountability Act Voluntarily Dismissed Following Statutory Amendments

The World Data Organization: A New Player in Global Data Governance – What Businesses Need to Know

April 23, 2026 By Daniel Felz and Yin Tydir

On March 30, 2026, the World Data Organization (WDO) was officially launched in Beijing. The WDO describes itself as a non-governmental, non-profit organization headquartered in Beijing, with a stated mission of “bridging the data divide, unlocking … [Read more] about The World Data Organization: A New Player in Global Data Governance – What Businesses Need to Know

Secure Connectivity for Operational Technology—UK NCSC Publishes New Guidance

April 21, 2026 By Hanna Hewitt, Kelly Hagedorn and Paul Greaves

The UK National Cyber Security Centre (NCSC) published guidance to help organisations design, secure, and manage Operational Technology (OT) environments. It sets out eight core principles to improve resilience, reduce exposure, and support secure … [Read more] about Secure Connectivity for Operational Technology—UK NCSC Publishes New Guidance

Britain’s Financial Regulators Raise the Bar on Cyber Reporting and Resilience

April 20, 2026 By Kelly Hagedorn and Kristen Bartolotta

Cyber risk has shifted from a technical issue to a systemic one and Britain’s financial regulators are making that reality unmistakably clear. On March 18, 2026, the Financial Conduct Authority (FCA), Prudential Regulation Authority (PRA), and Bank … [Read more] about Britain’s Financial Regulators Raise the Bar on Cyber Reporting and Resilience