News & Analysis as of September 26, 2024

Compliance › Hackers › Data Protection

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

Coming Soon! CISA’s Proposed Rule on Government-wide Cybersecurity Reporting Requirements for Contractors

PilieroMazza PLLC on 5/29/2024

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more

Privacy Briefs: November 2023

Health Care Compliance Association (HCCA) on 11/10/2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Ransomware Criminal Prosecution of Russian National Underscores Pervasive Ransomware Risks

The Volkov Law Group on 6/1/2023

In today’s world of cyber threats, many companies have fallen victim to ransomware attacks. Corporate boards and senior executives face serious issues when their companies are attacked. The payment of ransom is not only...more

Nick Culbertson on Compliance Breaches in Healthcare

Health Care Compliance Association (HCCA) on 7/15/2021

Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more

Cybersecurity Compliance Programs for Law Firms

Oberheiden P.C. on 7/7/2021

Law firms process sensitive information on a daily basis. Confidential client data is targeted by hackers and insiders for a variety of reasons including financial gain or retaliatory purposes. When a law firm has a security...more

[Webinar] Top Risk Management Lessons from the SolarWinds Hack - January 27th, 10:00 am - 11:00 am PT

NAVEX on 1/18/2021

Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more

COVID-19 and Data Protection Compliance in the US

White & Case LLP on 4/15/2020

Irrespective of your industry, the current COVID-19 pandemic poses a new and unique challenge to organizations, their employees, and their customers. The emergence of COVID-19 has prompted organizations to collect and process...more

Managing Third-Party Vendor Cybersecurity Risks (Part II of III)

The Volkov Law Group on 9/11/2019

We all know that businesses rely on a large number of third-party vendors to support their business operations. Many of these third parties require access to a company’s data and its internal information and technology...more

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Perkins Coie on 10/26/2015

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

Alphabet Soup and Data Security

Bilzin Sumberg on 10/19/2015

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

California Updates its Data Breach Notice Statute (Again)—What You Need to Know

Orrick, Herrington & Sutcliffe LLP on 10/15/2015

On October 6, California Governor Jerry Brown signed legislation updating California’s data breach notice statute for the third time in three years. The news was quickly overshadowed by the CJEU’s decision invalidating the...more

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

BakerHostetler on 9/29/2015

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

Evolving Litigation of Data Breach Claims

Akerman LLP - Health Law Rx on 9/25/2015

An Illinois circuit court judge has dismissed five of six claims in a consolidated class action against Advocate Health and Hospital Corporation arising from a data breach in July 2013. The judge’s dismissal with prejudice...more

Checking In on Sanctions Enforcement

The Volkov Law Group on 9/24/2015

The Department of Treasury’s Office of Foreign Asset Control continues to ramp up sanctions enforcement. Even with the likely relaxation of the Iran and Cuba sanctions, OFAC has been continuing its aggressive enforcement...more

OCR Enters into $750,000 Settlement with Physician Practice for HIPAA Violations

Seyfarth Shaw LLP on 9/17/2015

On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more

Incident Response Practice Tip: Balance Meeting Breach Notification Deadlines With Securing Your Network

BakerHostetler on 9/16/2015

State breach notification statutes are being amended on almost a monthly basis. Several laws have, or will soon have, a mandatory notification deadline for notifying affected individuals after the discovery of the incident....more

Interim rule requires Department of Defense contractors to report cyber breaches

Robinson+Cole Data Privacy + Security Insider on 9/9/2015

Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more

New Guidance for Financial Institution Directors and Officers In Cybersecurity Preparedness

Orrick, Herrington & Sutcliffe LLP on 8/26/2015

Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more

OMB Issues Guidance on Government Contractors’ Cybersecurity Systems

Holland & Knight LLP on 8/14/2015

The Office of Management and Budget (OMB) released a draft guidance document on Aug. 11, 2015, titled “Improving Cybersecurity Protection in Federal Acquisitions” (the “OMB Guidance”). The OMB Guidance instructs agencies on...more

Never Tick Off a Redbird

Thomas Fox - Compliance Evangelist on 6/17/2015

At a Press Conference today, Satan officially announced that Hell has frozen over. He made this stunning announcement after the New York Times (NYT) reported that the baseball team with the most World Series wins in the...more

20 Results

/

View per page

Page: of 1