Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In 1996, the US signed the Health Insurance Portability and Accountability Act (HIPAA) into law. One of the government’s chief goals was to safeguard sensitive patient data and protected health information (PHI) from unauthorized disclosure. While these protections were critical, HIPAA compliance requirements (alongside an already-fragmented electronic health record systems) have led to ongoing data silos across healthcare.

Every day, your review team makes hundreds of decisions that determine who gets access to your platform. These decisions carry a lot of weight. Get them right, and you protect your business while delivering a seamless user experience. Get them wrong, and you either block legitimate users or open the door to fraud. As your business scales, these decisions get harder to manage. Case volume climbs, fraud tactics shift, and regulatory expectations evolve.

On December 31, 2025, the DEA issued its fourth temporary extension of the COVID-era telemedicine flexibilities, keeping the current rules in place through December 31, 2026. For telehealth companies prescribing controlled substances, the extension was welcome news.

Every day, financial institutions move trillions of dollars on-chain. From tokenizing money market funds to settling trades on private blockchains, financial institutions are swiftly bringing capital on-chain. But the infrastructure for compliance hasn't kept up. It’s not uncommon for investors to verify for KYC multiple times just to trade across chains.

Over 300 age-related bills were introduced across several US states in 2025 alone. We’ve heard firsthand from numerous legal and compliance teams that keeping up with these regulations is incredibly overwhelming. That’s why we developed Atlas, a global database tracking evolving age assurance regulations. Atlas tracks recent legislation impacting social media platforms, adult content, age-restricted services, and other related legislation.

We’ve been collaborating with others to explore how agentic commerce and enterprise agents will work. Alfonso Gómez-Jordana Mañas, co-founder of Crossmint shares his thoughts on the current state of payment security and how compliance mechanisms like KYC and AML need to evolve to support agentic commerce. OpenClaw provided users with an open-source framework to launch AI agents.

AI agents are being deployed in the real world at pace. In the enterprise realm, they’re accessing APIs, shipping code, and running decisioning workflows on behalf of the organizations and individuals who deploy them. Entirely new businesses have sprung up, leveraging AI agents to streamline customer support and sales processes.

In Australia, the introduction of the Social Media Minimum Age Act increased the importance of gauging a user’s age without compromising their privacy. To help organizations navigate these requirements, Persona now supports an integration with ConnectID, an Australian digital identity network.

KYC checks are a regulatory requirement, and they can help prevent fraudsters and other bad actors from accessing your platform. But they're not designed to catch every type of fraud. That’s why many fintechs add additional identity verification and fraud checks. However, some overlook link analysis, which is an increasingly important layer for detecting fraud rings and AI-driven attacks.

Ask anyone what they think when a website requests a driver's license, Social Security number, or email address, and you'll hear the same reaction: "Why do they need that?" It’s a fair question. Not a day goes by without news of another data breach or scam. Many people have either experienced fraud firsthand or know someone who has. While they're more aware of the need to protect their data, they don't feel equipped to actually do it.