Innovation in Compliance - Improving Third - Party Risk Management with Paul Valente
The “Catch-22” of Preference Law
Gerry Blass on Healthcare Vendor Risk Management
Cyberside Chats: Would you bury your driver's license? (with Whitney McCollum)
Matt Silverman on Export Compliance
Thobekile Cynthia Khumalo on Third Party Due Diligence
Sitting with the C-Suite: Blending eDiscovery Vendors and Law Firms
Ledgers and Law: Real-World Planning for Cyber Attacks
Education Data Privacy and Security Laws: Best Practices for School Districts
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
Lessons for Health, Beauty & Wellness Companies [Part 2]: What Options Exist for a Vendor During Bankruptcy
Lessons for Health, Beauty & Wellness Companies: What to do When Your Buyer is in Financial Distress
Sitting with the C-Suite: How Should In-House Counsel Evaluate eDiscovery Service?
Strategies for Restaurant Owners to Survive in the New Normal
Compliance Perspectives: Supply Chain Compliance Challenges
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Compliance Perspectives: Supply Chains, Human Trafficking and Modern Slavery
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
PODCAST: Williams Mullen GovCon Perspectives - Recent Updates to the SWaM Certification Process in Virginia
On April 26, the Federal Trade Commission (FTC) approved its Final Rule revising the Health Breach Notification Rule (HBNR) (“Final Rule”) by a 3-2 vote. The HBNR requires vendors of personal health records (PHR) and related...more
In an increasingly digitized world, law firms are prime targets for sophisticated cyber threats that can result in substantial financial losses and reputational damage. Recently, a prominent law firm, esteemed for its...more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more
By now, you have heard many news stories about debilitating cyberattacks that started with the compromise of a vendor's systems and ultimately wreaked havoc on that vendor's customers. As a result, many businesses are seeking...more
Security Schedules, Privacy Addenda, TOMs, DPAs—whatever you call them, privacy and cybersecurity contract terms have exploded in prevalence in recent years, bringing with them new importance that can lead to difficult and...more
Join us for a webinar on basic cyber information regarding data protection, data privacy, cybersecurity requirements PII and Sensitive PII, cybersecurity requirements for Third Party vendors, Cyber insurance in the age of...more
Data breaches by large companies have been in the news for some time. Over the last several years several companies, including Marriott, Yahoo and Volkswagon, have been victimized by hackers who have broken into a company’s...more
Wherever you look, it feels like cyberattacks are becoming increasingly common. Criminal hackers are making the headlines every day, stealing the personal information of millions of people, ranging from birthdays to Social...more
Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of...more
As one of the largest information technology service providers to local governments, the cyber-attack on Tyler Technologies (Tyler) in Plano, Texas is a sobering reminder of how a cyber-attack on a third-party vendor can put...more
As a follow-up to last week’s post on the importance of due diligence regarding high-risk vendors’ security practices, Blackbaud, a global company providing financial and fundraising technology to not-for-profit entities,...more
A May 26, 2020 order by U.S. Magistrate Judge John F. Anderson (E.D. Va.) that attorney work product protection did not preclude production of a forensic vendor's data breach investigation report to plaintiffs in the Capital...more
At the end of January, the U.S. Securities and Exchange’s Office of Compliance Inspections and Examinations (OCIE) released its “Observations on Cybersecurity and Resiliency Practices” (Observations)....more
In this episode of Life with GDPR, Jonathan Armstrong and Tom Fox are back to discuss the role of vendors in data breaches and the corporate response thereto. Some of the highlights in this episode include: How much due...more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
On May 24, 2019, Oregon Governor Kate Brown signed into law Senate Bill 684, which requires vendors, service providers and other entities that maintain or possess consumers’ personal information to notify consumers of a...more
Hotel chain Fillmore Hospitality, LLC is the latest target of a proposed class action complaint filed this week, alleging violation of the Illinois Biometric Information Privacy Act (BIPA). We don’t usually discuss the...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
For the fourth year running, the Securities and Exchange Commission’s Office continues to list cybersecurity as one of the top enforcement priorities for 2019. As it relates to cybersecurity, the SEC will be focusing on...more
According to reports, bank customers in Australia (yes, data breach notification requirements exist down under) have been affected by “an industry-wide” data breach experienced by a third-party service provider to the banks –...more
Start-up companies know that, when potential investors kick the tires, they will look carefully at the company’s business model and IP portfolio. These days, investors are also likely to look at whether the company is in...more
Studies about vendor risk related to data security always fascinate me, because conceptually those risks are so similar to the vendor risk challenges corporate compliance officers face with anti-corruption — and yet, the...more
In our last article, we showed you how to evaluate where your organization sits on the landscape of readiness and preparedness. In this concluding article, we identify concrete steps you can immediately employ to move your...more
Fraud presents a constant threat to companies around the globe—and that risk is growing as perpetrators become ever more digitally savvy and creative in their criminal activities. K2 Intelligence has conducted a multitude of...more
This summer, several automakers, including Tesla, Toyota, General Motors, Ford, and Volkswagen learned that their closely held trade secrets were readily available on the internet. The source? An unprotected back-up server....more