The California Privacy Protection Agency (CPPA) Board met last week to discuss the latest updates on California Consumer Privacy Act (CCPA) draft regulations for cybersecurity audits, risk assessments, automated...more
On May 8, 2024, Paul Hastings hosted the Cybersecurity Law Workshop at this spring’s Privacy + Security Forum featuring a panel on cybersecurity insurance trends and insights. The panel was moderated by Paul Hastings’ David...more
On May 8, 2024, Paul Hastings Hosted the Cybersecurity Law Workshop at this spring’s Privacy + Security Forum with a panel on cybersecurity regulatory trends and recent developments. The panel was moderated by Paul Hastings...more
On May 8, 2024, Paul Hastings Hosted the Cybersecurity Law Workshop at this spring’s Privacy + Security Forum with a panel on perspectives from cybersecurity regulators. The panel was moderated by Paul Hastings Global Chair...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
4/9/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Disclosure Requirements ,
Due Diligence ,
Form 10-K ,
Form 8-K ,
Information Technology ,
NASA ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more
4/2/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
Federal Information Security Modernization Act (FISMA) ,
Healthcare ,
Information Technology ,
NERC ,
Popular ,
Proposed Regulation ,
Ransomware ,
Reporting Requirements ,
Water
The Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently announced a settlement under the Health Insurance Portability and Accountability Act (HIPAA) with Green Ridge Behavioral Health, LLC...more
3/5/2024
/ Civil Rights Act ,
Cyber Attacks ,
Cybersecurity ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
Popular ,
Ransomware ,
Risk Assessment ,
Risk Management
The number of large data breaches, those involving 500 or more people, exposing protected health information has increased exponentially in the last few years, and ransomware and hacking are the primary cyber threats in...more
2/28/2024
/ Cyber Threats ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Department of Health and Human Services (HHS) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
OCR ,
PHI ,
Popular ,
Risk Assessment ,
Risk Management
On July 26 2023, the Securities and Exchange Commission (SEC) adopted final rules intended to enhance and standardize disclosures of cybersecurity risk management, strategy, governance, and incident reporting by public...more
On December 14, 2023, Erik Gerding, Director, Division of Corporation Finance at the Securities and Exchange Commission (“SEC”) gave a speech on the SEC’s final rules (the “Final Rule(s)”) regarding cybersecurity risk...more
1/9/2024
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Department of Justice (DOJ) ,
Disclosure Requirements ,
FBI ,
Form 10-K ,
Form 8-K ,
Incident Response Plans ,
Popular ,
Publicly-Traded Companies ,
Securities and Exchange Commission (SEC)
On November 27 2023, the California Privacy Protection Agency (“CPPA”) released the first draft of its automated decision-making (“ADMT”) rules (the “Draft Rules”) for those covered entities that must comply with the...more