News & Analysis as of

Compliance Cybersecurity Data Protection

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
EDRM - Electronic Discovery Reference Model

Implications of the €310 Million LinkedIn Fine for GDPR Compliance

EDRM - Electronic Discovery Reference Model on

ComplexDiscovery’s Editor’s Note: This recent €310 million fine imposed on LinkedIn by Ireland’s Data Protection Commission (DPC) marks a powerful moment in GDPR enforcement, underlining the regulatory rigor facing global...more

Clark Hill PLC

The Value of an Effective HIPAA Compliance Program Amid OCR HIPAA Audits

Clark Hill PLC on

In 2024, the U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) Director Melanie Fontes Rainer announced that OCR will resume auditing Health Information Portability and Accountability Act (“HIPAA”)...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2024

Health Care Compliance Association (HCCA) on

23andMe agreed to pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information...more

DLA Piper

Minimizing AI Risk: Top Points for Compliance Officers

DLA Piper on

More than ever, artificial intelligence (AI) is being implemented as a powerful tool to improve our lives and businesses. But with its benefits comes a host of risks – and regulators are homing in on its use as a tool for...more

Harris Beach PLLC

Key Considerations for Selling AI Software to the Government

Harris Beach PLLC on

The federal government is the biggest purchaser in America and that extends to the SaaS space. On September 24, 2024, the Office of Management and Budget (OMB) released Memorandum M-24-18, offering updated guidelines for the...more

DLA Piper

First PDPA Enforcement in Thailand: A Landmark Case

DLA Piper on

On August 21, 2024, the second expert committee appointed under the Thai Personal Data Protection Act (PDPA) of 2019, issued an administrative fine to a major private company involved in online sales. The company allowed a...more

Mayer Brown

New EU Cyber Rules: Implementation of NIS2 in the EU Member States

Mayer Brown on

The Network and Information Security 2 Directive (EU) 2022/2555 ("NIS2") entered into force on 16 January 2023. NIS2 sets cyber rules for organizations whose services are considered essential or important for maintaining...more

Osano

Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane

Osano on

Maintaining compliance is your job. But sometimes that job feels like a slog through the deepest jungle. More than 130 countries have some form of data privacy and protection law on the books. At the same time, 63% of...more

Mayer Brown

ANPD's New Regulation on Guidelines and Responsibilities of Data Protection Officers in Brazil

Mayer Brown on

The Brazilian Data Protection Authority (ANPD) has published its new regulation on the Data Protection Officer’s (DPO) role. A central figure in privacy governance, the DPO serves as the liaison between the data controller,...more

Mandelbaum Barrett PC

The Digital Business Legal Guide: Key Legal Considerations

Mandelbaum Barrett PC on

Have you ever considered the number of legal challenges that come with running a business in the digital era? Forbes predicts that the global e-commerce will surpass $6 trillion in 2024, meaning that there is no shortage of...more

Patterson Belknap Webb & Tyler LLP

SEC Settlement: Cybersecurity Internal Controls

Patterson Belknap Webb & Tyler LLP on

On June 18, 2024, the Securities and Exchange Commission (“SEC”) announced a $2.1 million civil penalty settlement of charges against R.R. Donnelley & Sons (“RRD”), a global provider of business communications services and...more

Sheppard Mullin Richter & Hampton LLP

Data, Deals, and Diplomacy: How the Bulk Data Executive Order Will Shape Future Contracts and Security Practices

Sheppard Mullin Richter & Hampton LLP on

For companies in the U.S. that hold certain personal data and U.S. Government-related data, rules stemming from recent Executive Order (“EO”) 14117 on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United...more

Porter Hedges LLP

Best Practices to Ensure Compliance with Upcoming Data Protection Regulations

Porter Hedges LLP on

The Department of Justice ("DOJ") is wasting no time in implementing the new cyber-security Executive Order (the EO), signed on February 28, 2024. As explained in our April 2024 blog post, the EO aims to portect Americans’...more

PilieroMazza PLLC

Coming Soon! CISA’s Proposed Rule on Government-wide Cybersecurity Reporting Requirements for Contractors

PilieroMazza PLLC on

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more

White & Case LLP

AI Watch: Global regulatory tracker - United States

White & Case LLP on

The US relies on existing federal laws and guidelines to regulate AI but aims to introduce AI legislation and a federal regulation authority. Laws/Regulations directly regulating AI (the “AI Regulations”) Currently,...more

Esquire Deposition Solutions, LLC

Actionable Advice When Sharing Client Data with Vendors

Esquire Deposition Solutions, LLC on

We’ve previously written on the need for law firms to scrutinize the data security protections in place at all third-party vendors who have access to client confidential information. Clearly, that’s still good advice....more

The Volkov Law Group

Dancing on the Head of a Pin: Corporate Boards, Committees and Cybersecurity Risk Management

The Volkov Law Group on

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today.  While this is a relatively simplistic and head-line grabbing statement, the truth remains...more

Epiq

Healthcare Organizations Can Meet New HHS Cybersecurity Goals with the Help of Tabletop Exercises

Epiq on

In today’s digital age, securing sensitive healthcare data is paramount. With the rise in cyber threats targeting healthcare organizations, the Department of Health and Human Services (HHS) has taken proactive steps to...more

The Volkov Law Group

NIST Adopts New 2.0 Cybersecurity Framework

The Volkov Law Group on

In the absence of federal cybersecurity and data privacy laws, companies have to look to other sources of guidance, including industry standards, and state laws.  The National Institute of Standards and Technology (“NIST”)...more

Arnall Golden Gregory LLP

Responding to a Third-Party Data Breach: Practical Legal and Compliance Steps

Arnall Golden Gregory LLP on

Cyberattacks and data incidents are rapidly increasing, and third-party services companies are a frequent source of exposure for healthcare providers. Healthcare is a prime target for cybercriminals, with ransomware and...more

Epstein Becker & Green

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

HaystackID

[Webcast Transcript] Notable Trends in US Privacy Law

HaystackID on

Editor’s Note: On January 17, 2024, HaystackID hosted a cogent webcast, “Notable Trends in US Privacy Law,” featuring HaystackID privacy and compliance expert Chris Wall, and an esteemed panel of privacy and compliance...more

Skadden, Arps, Slate, Meagher & Flom LLP

Understanding SEC’s Focus Amid Lack of Final AI Rules

Skadden, Arps, Slate, Meagher & Flom LLP on

Last year, the U.S. Securities and Exchange Commission (SEC) proposed ambitious rules relating to artificial intelligence (AI) that have drawn significant commentary and criticism. While it is unlikely that any changes in the...more

BakerHostetler

HHS Publishes ‘Voluntary’ Healthcare Cybersecurity Performance Goals in Record Time but Leaves Questions Unanswered

BakerHostetler on

As previously reported in this blog, on Dec. 6, 2023, the Department of Health and Human Services (HHS or the Department) released a “concept paper,” which laid out its vision of future action regarding healthcare...more

The Volkov Law Group

Data Privacy Update — Keeping Up with Developments

The Volkov Law Group on

When it comes to data privacy and regulation of personal information, United States companies face a number of major challenges.  Compliance is not easy when you have fast-moving targets.  The single biggest cause of this...more

206 Results
 / 
View per page
Page: of 9
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide