News & Analysis as of

Data Protection Audits

Clark Hill PLC

The Value of an Effective HIPAA Compliance Program Amid OCR HIPAA Audits

Clark Hill PLC on

In 2024, the U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) Director Melanie Fontes Rainer announced that OCR will resume auditing Health Information Portability and Accountability Act (“HIPAA”)...more

DLA Piper

CHINA: Mandatory Data Protection Compliance (Self) Audits on Their Way

DLA Piper on

The Personal Information Protection Law (“PIPL“) requires a data controller to conduct compliance audits of its personal data processing activities on a regular basis (“Self-supervision Audits“). Apart from such...more

Dunlap Bennett & Ludwig PLLC

The New Guidance From DOL On Using AI In The Workplace

A recent Executive Order from the Biden administration noted the “promise and peril” of artificial intelligence (AI). For instance, AI has the potential to transform the workplace in unprecedented ways. Its capabilities range...more

Society of Corporate Compliance and Ethics...

[Virtual Event] Compliance in Smaller Organizations - July 18th, 8:00 am - 5:00 pm CT

Are you tasked with compliance management on a small team or for a smaller organization? Compliance professionals who manage programs for smaller organizations or with limited teams can face unique, sometimes daunting,...more

Ankura

Operational Implications of the New Bulk Sensitive Data Executive Order

Ankura on

On February 28, 2024, President Biden signed Executive Order 14117 (the EO), on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The United...more

Mitratech Holdings, Inc

Caution! Credential Stuffing on the Rise

If you have a tendency to reuse the same password across multiple accounts, you could be leaving yourself (and your organization) exposed to risk. Credential stuffing, the stealthy technique fueling a recent explosion of...more

Epstein Becker & Green

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

BCLP

CNIL's Strategic Focus Areas for Data Protection in 2024 The Summer Olympics and Beyond

BCLP on

Each year, the CNIL selects key areas of high interest to concentrate its investigations and assess the compliance of select commercial sectors. On February 8, The CNIL announced its four main areas of focus for...more

A&O Shearman

EDPB launches website auditing tool

A&O Shearman on

The EDPB launched a website auditing tool to help legal and technical auditors at data protection authorities check whether websites are compliant with the law on 29 January 2024. Controllers and processors can also use the...more

Constangy, Brooks, Smith & Prophete, LLP

Take these steps to safeguard against third-party cyber threats

The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more

Jackson Lewis P.C.

Top 10 for 2024 – Happy Data Privacy Day!

Jackson Lewis P.C. on

To celebrate Data Privacy Day (January 28), we present our top ten data privacy and cybersecurity predictions for 2024. 1. AI regulations to protect data privacy. Automated decision-making tools, smart cameras, wearables,...more

Seyfarth Shaw LLP

CPPA Considers Next Set of CPRA Regulations Covering Cybersecurity Audits and Risk Assessments

Seyfarth Shaw LLP on

The California Privacy Protection Agency (“CPPA”) issued and discussed draft regulations on Cybersecurity Audits and Risk Assessments late in the summer. The CPPA Board plans to discuss the draft regulations at its upcoming...more

Benesch

Privacy Floodgates Open: 13 U.S. State Data Protection Bring About Major Changes

Benesch on

Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more

Davis Wright Tremaine LLP

Ctrl-Alt-Delete: California Legislature Passes Delete Act

Legislation requires data brokers to register with the California Privacy Protection Agency and comply with a one-stop consumer deletion mechanism by 2026 - The wave of data privacy legislation in California continues as...more

Wiley Rein LLP

California Eyes New Privacy, Cyber, and AI Obligations

Wiley Rein LLP on

California continues to forge ahead on potential new privacy, cybersecurity, and artificial intelligence (AI) obligations, including through its California Consumer Privacy Act (CCPA) rulemaking process and by launching a new...more

Epstein Becker & Green

California Privacy Protection Agency Public Board Meeting Sheds Light on Upcoming Risk Assessment and Cybersecurity Audit...

Epstein Becker & Green on

The five-member Board of the California Privacy Protection Agency (the “CPPA”) held a public meeting on September 8, 2023, to discuss a range of topics, most notably, draft regulations relating to risk assessments and...more

Robinson+Cole Data Privacy + Security Insider

AI and Audits: Proposed CCPA Regulations Up for Discussion

On September 8, 2023, the California Privacy Protection Agency (CPPA) will discuss the two new sets of proposed California Privacy Protection Act (CCPA) regulations. Here is a breakdown of the two new proposed regulations and...more

Wyrick Robbins Yates & Ponton LLP

Déjà Vu All Over Again: The CPPA Releases Draft Regulations on Cybersecurity Audits and Risk Assessments (Part 1 of 2)

On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. For those who recall the multiple rounds of the CPPA’s draft CCPA...more

Health Care Compliance Association (HCCA)

[Event] 2024 Managed Care Compliance Conference - January 29th - 30th, Coronado, CA

Explore the unique issues that are pertinent to managed care professionals! This annual event dedicated to compliance management for health plan providers is returning to an in-person format for 2024. Join your peers and...more

Husch Blackwell LLP

CPPA Releases Draft Regulations on Risk Assessments and Cybersecurity Audits

Husch Blackwell LLP on

Keypoint: Although they are only draft regulations and not part of the formal rulemaking process, the drafts demonstrate the Agency’s intent to create extensive obligations for businesses subject to these regulations. In...more

Porter Hedges LLP

Human Resources Compliance Audits (Part 2)

Porter Hedges LLP on

An internal audit of a company’s human resources practices can be used to mitigate potential liabilities by preemptively identifying areas of exposure and proactively implementing corrective measures. As discussed in the...more

McDermott Will & Emery

Get Ready to Update Your Binding Corporate Rules Regulators Expand Requirements

At the end of June, the European Data Protection Board (EDPB) published its Recommendations (Recs) on Binding Corporate Rules (BCRs). Among other things, the Recs require existing and in process BCRs to: - Incorporate...more

Bradley Arant Boult Cummings LLP

DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more

Paul Hastings LLP

French data protection authority (CNIL) to look into generative AI, chatbots in 2023

Paul Hastings LLP on

On May 16, 2023 the CNIL issued a statement in which it said that it will be looking into privacy issues posed by generative AIs, large language models (LLMs) and derived applications (chatbots). The official statement is a...more

Reveal

5 Steps to Creating a Successful Data Governance Policy

Reveal on

Data is the lifeblood of your organization. It sets the foundation for new business initiatives, workflows, and innovations. As it grows exponentially, its value also grows immeasurably—that is, if it is effectively managed....more

74 Results
 / 
View per page
Page: of 3

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide