Deploy Securely

Deploy Securely

Home
Notes
Services
Case studies
Topics
About

Compliance and regulation

A 3-level framework for business leaders to manage AI-driven bias
Go beyond platitudes.
  
Walter Haydock
SOC 2 is dead
Why others suggest it's time to move on from what was the "gold standard" of B2B SaaS security due diligence.
  
Walter Haydock
Managing intellectual property risk with AI
A realistic set of principles.
  
Walter Haydock
ISO 42001 vs. HITRUST AI security certification: data management requirements
Comparing requirements from two emerging AI standards.
  
Walter Haydock
ISO 42001 vs. HITRUST AI security certification
The former is very broad and the latter quite narrow.
  
Walter Haydock
New York State Department of Financial Services guidance on AI security and governance
What a key regulator is focused on.
  
Walter Haydock
3 ways ISO 42001 can help AI-powered companies comply with California's training data transparency bill (AB-2013)
California asserts global jurisdiction over AI.
  
Walter Haydock
Navigate Obamacare nondiscrimination regulations for healthcare AI customers with ISO 42001
Last week an AI-powered health-tech startup founder flagged this HUGE compliance issue:
  
Walter Haydock
I read (and gave feedback on) the entire HITRUST AI Security Specification so you don't have to
A highly-focused cybersecurity certification for those developing AI systems.
  
Walter Haydock
EU AI Risk Categorizations
The law creates a lot of new terminology...and requirements.
  
Walter Haydock
ISO 42001 and U.S state/local AI regulations
Not a silver bullet, but the best chance for comprehensive compliance.
  
Walter Haydock
How NOT to write an AI policy
You might be better off not having one than doing this.
  
Walter Haydock
© 2025 StackAware
Substack
PrivacyTermsCollection notice
Start writingGet the app
Substack is the home for great culture