The Mysterious Boundary Beyond Which “Personal” Relationships Jeopardize a Director’s Independence -
In a recent enforcement action, the SEC concluded that the relationship between James Craigie and an officer of Church &...more
2/11/2025
/ Blockchain ,
Board of Directors ,
BSA/AML ,
Consumer Insurance Products ,
Corporate Governance ,
EFTs ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Enforcement Actions ,
Fiduciary Duty ,
Investment ,
Investment Contract ,
Publicly-Traded Companies ,
Retirement ,
Securities and Exchange Commission (SEC) ,
Variable Insurance
Trying to plot the course for a data security plan in 2025 requires piecing together the maps of various cartographers and decoding each map’s legends and keys....more
The U.S. Department of Health and Human Services Office for Civil Rights (OCR) appears to have made cybersecurity its New Year’s resolution. The first few weeks of 2025 have already brought with them proposed amendments to...more
1/21/2025
/ Cybersecurity ,
Data Breach ,
Data Protection ,
Electronic Protected Health Information (ePHI) ,
Enforcement Actions ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
HIPAA Security Rule ,
OCR ,
Patient Privacy Rights ,
Risk Assessment
The California Privacy Protection Agency (CPPA), at its board meeting on November 8, 2024, voted 4–1 to advance proposed regulations to a formal rulemaking. As currently drafted, these regulations would, among other things...more
11/11/2024
/ California ,
California Consumer Privacy Act (CCPA) ,
California Privacy Protection Agency (CPPA) ,
Consumer Privacy Rights ,
Corporate Counsel ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Personal Information ,
Regulatory Requirements ,
Risk Management ,
State Privacy Laws
Keeping the season spooky for data brokers, the enforcement division of the California Privacy Protection Agency announced on October 30, 2024, that it is conducting a public investigative sweep of data broker registration...more
Gone With the Wind?
Closed-End Funds Risk Extinction -
Shares of SEC-registered closed-end funds (CEFs) have long held significant potential advantages for some investors. For example, unlike shares of mutual funds...more
10/16/2024
/ Cybersecurity ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Federal Trade Commission (FTC) ,
Financial Industry Regulatory Authority (FINRA) ,
Insurance Regulations ,
Investment ,
Investment Adviser ,
Investment Management ,
Life Insurance ,
NAIC ,
Retirement Plan ,
Securities and Exchange Commission (SEC) ,
Securities Regulation ,
Social Media
After years of development work, the National Association of Insurance Commissioners’ Privacy Protections Working Group’s efforts are again caught in a windstorm. ...more
On May 16, 2024, the SEC breathed new life into its decades-old Regulation S-P, which requires firms to adopt policies and procedures for the protection of customer information and records. The amended rule balloons the...more
10/10/2024
/ Broker-Dealer ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Collection ,
Disclosure Requirements ,
Incident Response Plans ,
Investment Adviser ,
Investment Companies ,
Proposed Rules ,
Regulation S-P ,
Reporting Requirements ,
Securities and Exchange Commission (SEC) ,
Securities Regulation
On September 4, the California Privacy Protection Agency, the agency responsible for enforcing the California Consumer Privacy Act (CCPA), issued an enforcement advisory on “dark patterns” and their inability to constitute...more
On September 4, the California Privacy Protection Agency issued an enforcement advisory regarding “choice architectures that have the substantial effect of subverting or impairing a consumer’s autonomy, decision-making, or...more
Last Lap in SEC RILA Rulemaking Critical Unresolved Issues -
Congress directed the SEC to adopt a new registration statement for registered indexed annuities (RILAs) by the end of June. Several months ago, the SEC...more
5/29/2024
/ Artificial Intelligence ,
Broker-Dealer ,
CFTC ,
Climate Change ,
Cybersecurity ,
Disability Discrimination ,
Disclosure Requirements ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Investment Adviser ,
Investment Management ,
Life Insurance ,
NAIC ,
NLRB ,
Private Equity ,
Private Funds ,
Private Placements ,
Proposed Legislation ,
Retirement Plan ,
Securities and Exchange Commission (SEC) ,
Settlement Agreements ,
Whistleblower Protection Policies ,
Whistleblowers
On April 26, the Federal Trade Commission announced its final rule updating the health breach notification rule. According to the FTC, the update seeks to “clarify” the scope of the rule by adding new definitions and revising...more
Drivers, start your engines. It has been months of high speed for privacy, cybersecurity, and artificial intelligence....more
5/16/2024
/ Algorithms ,
Artificial Intelligence ,
California Privacy Protection Agency (CPPA) ,
Cybersecurity ,
Data Brokers ,
Data Privacy ,
Data Security ,
Healthcare ,
Insurance Industry ,
Life Insurance ,
Machine Learning ,
NAIC ,
TCPA
Employers are gathering more and more data on job applicants and employees. From using artificial intelligence (”AI”) and credit scores for pre-employment screenings, biometrics for clocking-in and out, and digital...more
As the health care industry continues reeling from the recent Change Healthcare ransomware attack that crippled large portions of the U.S. health care system, health care providers are naturally reminded of the importance of...more
3/12/2024
/ Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare ,
Personally Identifiable Information ,
Popular
A string of putative class actions has been filed against life insurance companies for allegedly violating section 20(b) of Illinois’ Genetic Information Privacy Act (GIPA) by using applicants’ family medical history in...more
1/22/2024
/ Consumer Insurance Products ,
Genetic Materials ,
Health Insurance ,
Illinois ,
Insurance Industry ,
Life Insurance ,
Medical History ,
Personally Identifiable Information ,
Putative Class Actions ,
Statutory Violations ,
Underwriting
Step right up as we discuss some of 2023’s most notable cybersecurity and privacy regulatory and litigation developments and tips for keeping your program flying high. Regulatory Activity New regulatory requirements now in...more
1/18/2024
/ Class Action ,
Cybersecurity ,
Data Breach ,
Data Protection ,
Employee Benefits ,
Insurance Brokers ,
Investment Adviser ,
NAIC ,
Popular ,
Retirement Plan ,
Securities and Exchange Commission (SEC)
Funds Not Caged by SEC Names Rule Amendments: Roaming Room Remains -
The SEC recently adopted amendments to its investment company “names” rule that apply to most SEC-registered funds, including underlying funds in which...more
1/11/2024
/ Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Insurance Industry ,
Investment Funds ,
Life Insurance ,
Proposed Rules ,
Putative Class Actions ,
Retirement Plan ,
Securities and Exchange Commission (SEC) ,
Securities Traders ,
Whistleblowers
Regulators Hit Jackpot: Off-Channel Communications -
Several years before announcing the first “off-channel” communications enforcement action, the SEC and FINRA cautioned broker-dealers and investment advisers about...more
10/11/2023
/ Annuities ,
Artificial Intelligence ,
Best Interest Standard ,
Breach of Contract ,
Class Action ,
COBRA ,
Consumer Financial Products ,
Consumer Insurance Products ,
Employee Benefits ,
Employee Retirement Income Security Act (ERISA) ,
Employment Litigation ,
Federal Arbitration Act ,
Financial Contracts ,
Financial Industry Regulatory Authority (FINRA) ,
Financial Services Industry ,
Health Insurance ,
Insider Trading ,
Insurance Fraud ,
Insurance Litigation ,
Insurance Regulations ,
Interlocutory Appeals ,
Investment Management ,
Life Insurance ,
Money Market Funds ,
Mutual Funds ,
NAIC ,
NLRA ,
NLRB ,
No-Action Letters ,
Non-Compete Agreements ,
NYDFS ,
Regulatory Requirements ,
Retirement ,
Robocalling ,
Securities and Exchange Commission (SEC) ,
Securities Fraud ,
State and Local Government ,
Wage and Hour
With generative AI becoming increasingly prevalent, businesses face a spectrum of opportunities, challenges, and risks. While some organizations have been quick to bring generative AI into the fold, the majority are still...more
The National Association of Insurance Commissioners’ Privacy Working Group has been feverishly shuffling and re-dealing its new privacy model, but its luck may be running out....more
As technologies like ChatGPT and other artificial intelligence tools have entered the mainstream, billions of individuals have used such tools for assistance with everyday tasks, both personal and professional. These tools,...more
Generative AI has captured the public’s attention and promises to transform the way we live and work. The technology, however, implicates a number of important cybersecurity and privacy considerations for organizations. This...more
In April and May, the NAIC Privacy Protections Working Group held the first three of its biweekly calls to discuss its recipe for a new privacy model, “Insurance Consumer Privacy Protection Model Law #674.” During the...more
On June 6, 2023, Gov. Ron DeSantis signed S.B. 262 into law, adding Florida to the list of states passing new privacy laws this year. While much of S.B. 262 will only impact companies with annual revenues of more than $1...more