Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Preparing for a Government Healthcare Audit
Tackling Credit Push Fraud: Understanding Nacha's Risk Management Package (Part Two) — Payments Pros: The Payments Law Podcast
Compliance into The Weeds: The Complexity of Risk Assessments
Behavioral Health Compliance
The Importance of Assessment Areas
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Taking a Behavioral Approach to Compliance
Episode 291 -- Interview of Mary Shirley on Her New Compliance Book
ChatGPT Risks for Compliance Programs
Season 2 Episode 3 - The Role of Ethics and Compliance Programs in International Business
In the Boardroom With Resnick and Fuller - Episode 4
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
"Board-er" Patrol in Privacy and Cyberattacks - Unauthorized Access Podcast
Research shows that the average business shares its data with over 730 different vendors. It’s hard enough to mitigate risk within your own organization—how do you mitigate risk from more than 730 external entities?...more
In an increasingly digitized world, law firms are prime targets for sophisticated cyber threats that can result in substantial financial losses and reputational damage. Recently, a prominent law firm, esteemed for its...more
The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more
Learning Objectives - Data privacy compliance requires the use of privacy impact assessments and data transfer assessments - What about the value of other assessments like privacy by design, online safety, AI risk,...more
SCCE’s four-day Compliance & Ethics Essentials Workshop provides comprehensive education on the core elements of a compliance program. The curriculum is ideal for those new to or with little experience in compliance, as well...more
Cyberattacks continue to rise, increasing the need for robust data security. Global weekly attacks rose by 7% during the first quarter of 2023, versus the same quarter last year. Each organization is estimated to face on...more
By now, you have heard many news stories about debilitating cyberattacks that started with the compromise of a vendor's systems and ultimately wreaked havoc on that vendor's customers. As a result, many businesses are seeking...more
SCCE’s Compliance & Ethics Essentials Workshop provides a comprehensive introduction to the elements of a compliance program to enable attendees to be a more effective member of the compliance team. The workshop is ideal for...more
We recently dove into what vendor risk and vendor risk management entails. Once you understand that this is the risk that results from vendors, it’s simple to extend this and establish that vendor risk assessment (VRA), or...more
In This Issue. The Federal Deposit Insurance Corporation (FDIC) is seeking information and comment regarding the FDIC’s supervisory approach to examinations during the pandemic; the FDIC’s tech lab, FIDTECH, announced a “tech...more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
McDermott Will & Emery invites you to a webinar for an in-depth discussion on the US Department of Labor’s initial cybersecurity guidance for retirement plans under the Employee Retirement Income Security Act (ERISA) and what...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
In today’s business landscape, it is nearly impossible to work alone. You have to collaborate with clients, vendors, suppliers, specialists, and plenty of other partners all considered third parties to your organization. As a...more
The fallout from the SolarWinds hacking incident linked to Russian threat actors has not only wreaked havoc on governmental agencies and private companies whose data are at risk following the incident, but this week, Bitsight...more
As if this fall weren’t hectic enough, school districts now need to prioritize compliance with a critical new regulation expanding New York state’s Education Law 2D. In effect since October 1, regulation Part 121 places new...more
The Office of Compliance Inspections and Examinations of the Securities and Exchange Commission released cybersecurity and resiliency-related examination observations on January 27, 2020, based on “thousands of examinations...more
On January 27, 2020, OCIE issued a report detailing cybersecurity and resiliency observations the staff made after "thousands of examinations of broker-dealers, investment advisers, clearing agencies, national securities...more
Dive into a broad spectrum of topics affecting healthcare organizations. Explore the latest laws, regulations, and developments to help you effectively manage your organization’s privacy compliance program. Our Academies are...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more