WHAT’S INSIDE
POSEIDON POST – MAY 2025
Welcome back. This month we’re looking at public-sector AI leading the way in procurement, new compliance pressure from HIPAA, and why your contracts might be more vulnerable than you think. Also: Katie’s Office Hours are live. 🎉
THE BIG STORY
AI in Procurement Is Here, But What About the Private Sector?
State and local governments are charging ahead with AI-driven procurement tools, automating everything from baseline RFP creation to spend analysis and vendor performance benchmarking. While the article focuses on public sector innovation, the implications are clear for mid-sized businesses navigating contract-heavy operations: the tools exist, the use cases are proven, and the competitive edge is available to those ready to adopt. For legal ops, contract teams, and procurement leaders in the private sector, this is a signal, not just of what's coming, but of what’s already possible.
Key Takeaways
RFPs written faster, scopes made clearer, and vendor evaluations backed by data.
Less back-and-forth, more strategic sourcing.
Start small. Build smart. Scale as you go.
CONTRACT INTELLIGENCE
Quick takes on what’s shaping CLM.
Midsize Firms Lag on Risk Readiness
Despite 90% of midsize businesses having formal risk policies, 1 in 5 still lack a business continuity plan. As regulatory pressure and data privacy requirements rise, contract and compliance teams should assess whether safety plans are translating into real operational resilience.
As AI adoption accelerates, legal and compliance teams are being pulled into strategic roles, not to slow innovation, but to define acceptable risk. New frameworks like ISO 42001 are helping companies codify AI governance, enabling faster, defensible decision-making across contract and product lifecycles.
AI Risk Appetite Becomes a Compliance Advantage
2025 HIPAA Updates Reshape BAA Risk
New HIPAA rules increase security, audit, and disclosure obligations—raising the stakes for covered entities and their vendors. Legal and compliance teams must update BAAs and contract clauses to reflect the stricter requirements and avoid regulatory exposure.
POSEIDONCLM INSIDER
Get more out of PoseidonCLM.
Feature Highlight
Compliance Review – The Compliance Review feature within Poseidon is a scheduled review of the data and document compliance requirements for third parties based on their risk tiers. It is assigned to internal resources to review and validate the risk tier, the data requirements, and documents on file.
A tier 1 vendor should have a complete review every year.
A tier 3 vendor can be every other year.
A tier 1 vendor may require a completed security questionnaire and multiple documents (W9, COI, NDA, MSA, SOC Report, …). A tier 3 vendor may only require a W9 and COI.
Curious how this applies to your workflow or whether you are using it to the full potential? Let’s connect, book time to learn more.
Customer Review Spotlight
⭐⭐⭐⭐⭐
ForeverLawn
The Trident Team consistently provides unmatched support and expertise to our warranty system. I’m always impressed with their ability to truly hear our requests and produce quality solutions that meet and exceed our expectations. Their pricing is fair and transparent. I highly recommend this business.
COMMUNITY CORNER
Questions & Quirks in the CLM Community
Quick Question: What contract do you wish you’d flagged earlier?
Trivia: What is considered one of the earliest forms of a written contract in history?
The Code of Hammurabi
The Idalion Tablet
The Magna Carta
The Twelve Tables
Answer: The Idalion Tablet. Dating back to the 5th century BCE in Cyprus, this bronze tablet records a contract between the city and a family of physicians. In exchange for providing free medical care to wounded soldiers during a siege, the physicians were granted rewards. This agreement is often cited as an early example of a social welfare or insurance contract. Curious to know more?
Article Link Here