Compliance into the Weeds: The SEC and Climate Disclosures
PODCAST: Trending Now An IP Podcast - Patent Office Secrecy Orders
Life Sciences Quarterly (Q3 2019): SEC Enforcement and Class Actions Regarding FDA Communications
Impact of environmental, social and governance agenda on tax
This Week in FCPA-Episode 80, The Last Jedi Edition
Life Sciences Quarterly: A View From Washington: What to Expect From the SEC
Compliance into the Weeds-Episode 39, Disclosure of Ransomware Attacks
Data breaches made headlines throughout 2024, affecting governments, health care groups, and telecoms. Follow-on litigation has kept pace. Nearly 4,000 class actions involving data privacy issues are estimated to be filed in...more
Recently, Glass Lewis announced the release of its 2025 U.S. Benchmark Policy Guidelines and guidelines for Shareholder Proposals & ESG-Related Issues that apply across markets. Here are 8 things to know about this year’s...more
The SEC kicked off its fiscal year by bringing enforcement actions focused on AI and cyber disclosures. As discussed in more detail below: •These actions again show SEC Enforcement prioritizing “hot button” issues like AI...more
Section 13(b)(2)(B) of the Securities Exchange Act of 1934 requires public companies to “devise and maintain a system of internal accounting controls.” In a recent opinion, a New York federal court rejected the Securities...more
The U.S. District Court for the Southern District of New York has dismissed many of the Securities and Exchange Commission’s (SEC’s) claims against software development company SolarWinds and its chief information security...more
The English High Court recently granted a bank permission to transfer personal data disclosed in court proceedings to an authority in Ukraine, a country without UK GDPR adequacy status. The Judge found that the transfer fell...more
In the July edition of our Public Company Watch, we cover key issues impacting public companies, including the new Compliance and Disclosure Interpretations related to the cybersecurity disclosure rules and the recent SEC...more
Bleeping Computer has reported that Rite Aid has disclosed a data breach affecting 2.2 million individuals. According to the report, Rite Aid stated in its filing with the Maine Attorney General that “We determined by...more
Does the R.R. Donnelley settlement mean heightened Securities and Exchange Commission (SEC) involvement in regulating public companies’ cybersecurity policies and practices? Our Securities Litigation, Privacy, Cyber & Data...more
On June 24, 2024, the U.S. Securities and Exchange Commission (SEC) Division of Corporation Finance (Corp Fin) added to its Compliance and Disclosure Interpretations (C&DI) related to disclosure of Material Cybersecurity...more
On June 24, the Securities and Exchange Commission (SEC) released five additional Compliance and Disclosure Interpretations for Item 1.05 of Form 8-K (Material Cybersecurity Incidents). These interpretations provide...more
As questions and commentary continue to arise with respect to the SEC’s rules on disclosure of material cybersecurity incidents, the SEC staff has sought to provide additional guidance on the application of the final...more
Kaiser Permanente is notifying 13.4 million current and former members that their personal information may have been compromised when it was transmitted to tech giants Google, Microsoft Bing and X (formerly Twitter) when...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
An organization that has suffered a data breach likely does not want to have to disclose potentially embarrassing or harmful information, especially in a lawsuit resulting from the breach. Simply involving an attorney in...more
Cyber incidents are among the fastest-growing existential threats to publicly traded companies. More than a technical headache, breaches can materially impact your bottom line—and the mere news of an incident can send stocks...more
The U.S. Securities and Exchange Commission (SEC) Division of Examinations (the Division) recently released its annual Examination Priorities for fiscal year 2024 (the Report). The Report underlines the Division’s focus on...more
On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more
On October 16, 2023, the U.S. Securities and Exchange Commission (“SEC”) Division of Examinations (the “Division”) released its annual Examination Priorities for fiscal year 2024 (the (“Report”), marking the first time the...more
On July 26, 2023, the Securities and Exchange Commission (the “SEC”) adopted final rules relating to enhanced cybersecurity disclosures, which became effective on September 5, 2023 (the “Final Rules”). The Final Rules apply...more
In July 2023, the Federal Trade Commission (FTC) and the U.S. Department of Health and Human Services Office of Civil Rights (OCR) sent a joint letter to approximately 130 hospital systems and telehealth providers raising...more
In this month’s Privacy & Cybersecurity Update, we examine the newly established data privacy framework between the EU and U.S. and new consumer privacy laws in Oregon and Texas. We also review a court ruling that delayed...more
What Happened - On July 26, the U.S. Securities & Exchange Commission (SEC) adopted its Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure final rule on a 3-2 vote. The final rule is a modified...more
On July 26, 2023, the U.S. Securities and Exchange Commission (SEC) announced that it adopted final rules requiring disclosure by public companies of material cybersecurity incidents in a Current Report on Form 8-K, and of...more
The Securities and Exchange Commission yesterday adopted new rules requiring registrants to disclose on Form 8-K any cybersecurity incident which they determine to be material. The new Item 1.05 requires description of the...more