Search

Find posts by topic, regulation, or template name. Results update as you type (offline-first index from this build).

Search posts

AI compliance cost for small teams 2026: what you actually pay
How much does AI compliance actually cost? DIY documentation starts at $0. Bias audits run $5,000 to $50,000 per tool. ISO 42001 certification costs $15,000 to $40,000 in year one. Most 1-50 person teams can cover solid compliance for under $5,000 per year if no bias audits are required. Full cost breakdown by team size.
Guides
AI Hiring Compliance for Small Teams: The Complete Guide (2026)
NYC LL144, Illinois AIVEA, FCRA, EEOC guidance, and Colorado SB 26-189 all regulate how small teams use AI in hiring. This guide maps every law to the action it requires, with links to the full cluster.
Guides
DeepSeek and Chinese AI Models: GDPR Data Transfer Risk and What Teams Can Actually Use
Italy banned DeepSeek within 72 hours. 13 EU jurisdictions opened investigations. China has no GDPR adequacy decision. Here is what US and EU teams need to know before using DeepSeek or other Chinese AI models, and when the open-source version changes the calculation.
Guides
Meta's Employee AI Training Program Leaked Medical Records. What Your Monitoring Policy Must Say.
Meta's mandatory MCI program collected employee keystrokes for AI training, then leaked private conversations and medical records company-wide. The legal requirements for AI-powered employee monitoring -- and what the Meta incident means for your policy.
news
AI Agent API Token Leak: 24-Hour Incident Response Playbook
24-hour runbook for leaked AI agent tokens: revoke, rotate, audit blast radius, and restore access before costs spiral. 7 copy-paste steps.
AI Security
Enterprise AI Privacy Pages: Direct Links to OpenAI, Anthropic, Google, and Microsoft Data Documentation
The exact URLs for enterprise privacy policies, DPAs, and trust centers from OpenAI, Anthropic, Google, and Microsoft, organized by vendor and updated for 2026.
guides
EU AI Act Digital Omnibus August 2026: will the deadline hold?
The EU Digital Omnibus provisional agreement (May 7, 2026) would delay most high-risk AI obligations from August 2, 2026 to December 2, 2027. But formal adoption is not guaranteed before the August deadline. What deployers must do now regardless of which path the Omnibus takes.
Guides
FTC's $930K 'Active Listening' Settlement: What AI-Washing Enforcement Now Looks Like
Cox Media Group paid $930K after the FTC found its 'Active Listening' AI ad product was fake, no voice data, just resold email lists. Here is what the case establishes about AI-washing liability in 2026.
news
AI Coding Tools Are Destroying SSDs: What Your Acceptable Use Policy Must Address
OpenAI Codex was silently writing 640 TB/year to developer SSDs through a logging bug. This is a governance gap most acceptable-use policies miss. Here is what IT and compliance teams need to add.
Guides
NYC Local Law 144 AI Bias Audit: Employer Guide 2026
NYC Local Law 144 requires employers using AI hiring tools to conduct annual independent bias audits, publish results, and notify candidates. DCWP enforcement began July 5, 2023. Penalties run $500 to $1,500 per violation, with each day of use and each missed notice counted separately. Six-step compliance checklist.
Guides
Trump's June 2026 AI Executive Order: What Compliance Teams and Federal Contractors Must Do
Trump signed a new AI executive order on June 2, 2026. Here is what it requires, what is voluntary, who must act, and what federal contractors and compliance teams should do now.
Guides
AI Browser Agents (Atlas, Comet): 7-Point Governance Policy for Small Teams (2026)
ChatGPT Atlas and Perplexity Comet act inside your logged-in sessions, which breaks the old browser security model. Here is a copy-paste governance policy for teams of 5-50, plus the prompt-injection risk you need to brief staff on now.
Guides