News & Analysis as of

Compliance Cybersecurity

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to individual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs.
Faegre Drinker Biddle & Reath LLP

Artificial Intelligence Briefing: Responsible Innovation and Increasing Regulations

This month, the NYDFS issued guidance on cybersecurity risks tied to AI for financial services firms, focusing on risks like AI-enabled attacks and third-party dependencies; California passed a law regulating AI in health...more

Holland & Knight LLP

15 Key Takeaways from the Final CMMC Program Rule Issued by DOD

The U.S. Department of Defense (DOD) has long questioned whether contractors and their supply chains have been fully compliant with existing cybersecurity requirements aimed at protecting Controlled Unclassified Information...more

Ward and Smith, P.A.

Three Cybersecurity Mistakes Small Businesses Make: A Data Privacy Attorney's Perspective

In today's digital landscape, where data and technology are integral to business, companies of all sizes are prime targets for cyberattacks. As privacy and data security attorneys, we see the severe impact of inadequate...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2024

23andMe agreed to pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information...more

Goodwin

EU Adopts Cyber Resilience Act for Connected Devices

On October 10, 2024, the European Council officially adopted the Cyber Resilience Act (CRA), a regulation designed to ensure that products with digital features are secure to use and resilient against cyber threats, and that...more

DLA Piper

Minimizing AI Risk: Top Points for Compliance Officers

More than ever, artificial intelligence (AI) is being implemented as a powerful tool to improve our lives and businesses. But with its benefits comes a host of risks – and regulators are homing in on its use as a tool for...more

HaystackID

[Webcast Transcript] From Mac to Mobile: Advanced Data Triage and Collection Tools for Forensic Investigators

Editor’s Note: Read the transcript from HaystackID’s webcast, “From Mac to Mobile: Advanced Data Triage and Collection Tools for Forensic Investigators,” to learn about HaystackID’s Remote Endpoint Analysis and Data...more

Harris Beach PLLC

Key Considerations for Selling AI Software to the Government

The federal government is the biggest purchaser in America and that extends to the SaaS space. On September 24, 2024, the Office of Management and Budget (OMB) released Memorandum M-24-18, offering updated guidelines for the...more

Cadwalader, Wickersham & Taft LLP

Business As Usual, October 2024 - OCC Releases 2025 Bank Supervision Operating Plan

The Office of the Comptroller of the Currency’s Committee on Bank Supervision sets the agency’s supervision objectives and priorities. On October 1, the Committee released the OCC’s Bank Supervision Operating Plan (the...more

Barnea Jaffa Lande & Co.

Understanding DORA: An Overview of the Digital Operational Resilience Act

The Digital Operational Resilience Act (DORA) is an EU regulatory framework, aimed at enhancing the financial sector’s ability to withstand and recover from ICT (information and communication technology) disruptions....more

Arnall Golden Gregory LLP

Preparing for the Digital Operational Resilience Act (“DORA”): Key Steps for Payments and Fintech Clients

The Digital Operational Resilience Act (“DORA”), an EU regulation designed to bolster the resilience of financial entities against Information and Communications Technology (“ICT”) risks, entered into force on January 16,...more

Ankura

Navigating the Fallout: Essential Insights for Healthcare Companies in Light of the Change Healthcare Cyber Breach

The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more

Health Care Compliance Association (HCCA)

[Event] Regional Healthcare Compliance Conference - October 25th, Louisville, KY

Looking for compliance education and networking in your area? HCCA’s Regional Healthcare Compliance Conferences offer practitioners convenient, local compliance education on a wide variety of current and emerging topics...more

Lighthouse

Enhancing Compliance and Security Operations with AI

Summary: If you're tackling compliance and security challenges in an AI-driven world, this post is essential. Discover how Microsoft Purview and Copilot for Security streamline processes, enhance security, and boost...more

Skadden, Arps, Slate, Meagher & Flom LLP

Key Updates to the DOJ's Evaluation of Corporate Compliance Programs

On September 23, 2024, the U.S. Department of Justice (DOJ) updated its Evaluation of Corporate Compliance Programs (ECCP) guidance. First published in 2017, the ECCP sets out factors that DOJ Criminal Division prosecutors...more

Robinson+Cole Manufacturing Law Blog

Recent Federal Strike Force Prosecutions Serve as Warning to U.S. Manufacturers and Other Exporters

The recent enforcement activities of the newest federal strike force serve as a warning to U.S. manufacturers and other businesses involved in the export of products that the government is doubling down on prosecuting trade...more

BakerHostetler

(Cyber)Security Theater 101 - Georgia Tech, a Teachable Moment

On August 22, 2024, the United States intervened in a whistleblower suit against the Georgia Institute of Technology, initially filed by current and former members of Georgia Tech’s cybersecurity team, alleging that Georgia...more

Benesch

Staying Ahead of the Curve: Adapting to Evolving Cyber Regulatory Enforcement

As calls for executive accountability for cybersecurity intensify, it is essential for companies to scrutinize the adequacy of ephemeral messengers, such as Signal, WhatsApp, WeChat, and Snapchat, in light of both present and...more

BCLP

The EU’s Digital Operational Resilience Act 2022/2554 (DORA)

Long IT sub-contracting chains can make it hard for financial institutions to understand the vulnerabilities in their IT estate and the location of key functions (where these may be located in entities who do not have a...more

Health Care Compliance Association (HCCA)

Privacy Briefs: September 2024

The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more

Lathrop GPM

Is AI Putting Your Organization at Risk?

AI tools often drive efficiency and save money, but they have drawbacks. Here’s what to know....more

Bradley Arant Boult Cummings LLP

Government Contractors Beware: DOJ Pursuing Cybersecurity Failures Under the False Claims Act

The U.S. Department of Justice (DOJ) filed its first major complaint-in-intervention under the False Claims Act (FCA) premised on a government contractor’s alleged cybersecurity deficiencies since the DOJ’s Civil Cyber-Fraud...more

Womble Bond Dickinson

Upcoming Deadline for PCI DSS 4.0.1 Implementation

A critical deadline of March 31, 2025 is upcoming for the full implementation of the new requirements contained in the Payment Card Industry Data Security Standard (PCI DSS) version 4.0....more

Epiq

Cyber Incidents on the Rise: Tips for Effective Data Breach Notification

Cyber incidents have been growing at an exponential rate in recent years. A recent report from the Identity Theft Resource Center found that there were over one billion data breach victims in Q2 of 2024, which is around five...more

Holland & Hart - The Benefits Dial

Both Sides Now… Must Be Alert to Cybersecurity

By Becky Achten. New guidance from the Employee Benefits Security Administration (EBSA) affirms that both sides—retirement plans and welfare plans—must take steps to secure participant data from cybercrime. In 2021 the...more
