Cybersecurity Compliance

Cybersecurity is a term used to describe methods and systems for protecting sensitive information in the electronic sphere. As more financial, business, and personal information becomes exclusively maintained and... more +
Cybersecurity is a term used to describe methods and systems for protecting sensitive information in the electronic sphere. As more financial, business, and personal information becomes exclusively maintained and stored electronically, the risks of attacks, leaks, and disclosures become more pronouced. The concept of Cybersecurity encompasses a broad array of issues, including governmental regulations to ward off cyber terrorists, industry data collection and maintenance practices, and consumer advocacy to ensure the privacy of individuals' personal and medical information.     less -
News & Analysis as of

A Legal Guide to Privacy and Data Security

A Legal Guide to Privacy and Data Security, a new book offering guidance on a wide variety of privacy and data security laws and how those laws may impact your business, is now available from the Minnesota Department of...more

FCPA Compliance and Ethics Report-Episode 72-interview with Michael Rasmussen [Video]

In this episode of the FCPA Compliance and Ethics Report, I interview Michael Rasmussen, the GRC Pundit. As the man who coined the phrase 'GRC' Michael is one of the country's top GRC experts. He talks about the recent OCEG...more

Anti-Bribery and Corruption Compliance Practices

Compliance Week published its 2014 Anti-Bribery and Corruption Benchmarking Report, a survey of over 180 executives involved in ethics and FCPA compliance and internal audit. The Survey focused on risk, dealing with third...more

What Are the Regulators Thinking?

Recently the New England Chapter of the National Association of Corporate Directors presented a distinguished panel of current and former securities regulators discussing enforcement and governance issues facing boards of...more

Boards of Directors Charged with Cybersecurity Risk Management by SEC Commissioner

Last week, SEC Commissioner Luis Aguilar outlined expectations for directors of public companies to manage cybersecurity risk. If you think it is enough that a board of directors reviews annual budgets for privacy and IT...more

Security Breach Notification Chart - Revised June 2014

Perkins Coie's Privacy & Security practice maintains a comprehensive chart that summarizes state laws regarding security breach notification. The chart is for informational purposes only and is intended as an aid in...more

SEC Commissioner Calls on Corporate Boards to Address Cybersecurity—Refers to NIST Cyber Framework as “the Bible”

While attending the "Cyber Risks and the Boardroom" Conference at the New York Stock Exchange on Tuesday, June 10, 2014, U.S. Securities and Exchange Commissioner Luis Aguilar called on corporate boards to make sure they are...more

SEC Requires Greater Disclosure of Cyber Events

Cyber is still a relatively young risk and the various stakeholders in cyber-risk are at times, still trying to determine their particular role. This includes the officers and/or directors of companies for establishing...more

SEC Establishes Cybersecurity Initiative for Broker-Dealers and Investment Advisers

On April 15, 2014, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) released a National Exam Priority Risk Alert announcing its initiative to evaluate cybersecurity...more

Will the Cybersecurity Framework Create a New Standard Operating Procedure for Businesses?

On February 12, 2013, President Barack Obama issued Executive Order 13636 (EO 13636) entitled “Improving Critical Infrastructure Cybersecurity.”EO 13636 noted the importance of cybersecurity for the nation’s security and...more

Ignoring XP End Of Life May Make Your Company An Attractive Target

On April 8, Microsoft officially ended all support and ceased providing updates for their Windows XP operating system. This “end of life” (EOL) announcement is not uncommon with software platforms, where continued support of...more

SEC Takes Proactive Approach to Cybersecurity

Last month, the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) formally announced its cybersecurity initiative in a Risk Alert. The initiative followed up on OCIE’s...more

Business News Digest – April 2014

In this issue: - Cybersecurity Assessments – Using the Tool Well - A SOX in the Gut: Supreme Court Vastly Expands Workplace "Whistleblower" Law - SEC to Scrutinize Never-Examined Investment...more

HHS's New Security Risk Tool for HIPAA Compliance

On March 28, 2014, the HHS Office of the National Coordinator for Health Information Technology (ONC), in conjunction with the HHS Office for Civil Rights (OCR), released a Security Risk Assessment tool (SRA tool) to assist...more

Privacy And Data Security For Life Sciences And Health Care Companies

Pepper Hamilton Health Care-Life Sciences Webinar - The explosion of mobile technology and Web applications linking patients with doctors, pharmacies and medical devices is undergoing scrutiny by the FDA, FTC, HHS and...more

FINRA Conducting Cyber-Security Sweep Exam

Reacting in part to recent data-breaches and cyber-attacks on larger retailers, the Financial Industry Regulatory Authority (“FINRA”) is conducting a targeted examination of some 20 broker-dealer member firms’ compliance and...more

Executive Branch acts on cybersecurity - what you need to know about this groundbreaking effort

Yesterday, the White House released the National Institute of Standards and Technology Framework for Improving Critical Infrastructure Cybersecurity, which is a key step in the implementation of Executive Order 13636 on...more

SEC Examiners to Take a Close Look at Firms’ Cyber Security

A high-level SEC official told an industry group yesterday that the National Examination Program (NEP) will be reviewing asset managers’ policies and procedures for preventing cyber attacks. In particular, the SEC is looking...more

U.S. Privacy and Data Protection: 2013 Year in Review and a Look Ahead to 2014

In Boston, we celebrated Data Privacy Day (January 28) by presenting “U.S. Privacy and Data Protection: 2013 Year In Review and a Prediction of What’s to Come in 2014” for participants in an IAPP KnowledgeNet. Our panel of...more

Cybersecurity and the duty of care: a top 10 checklist for board members

Visibility on information security, including cybersecurity as well as physical security aspects, is increasingly permeating corporate life. The relatively new SEC requirements for public disclosure of cybersecurity...more

Accretive Health Data Breach Leads To Twenty-Year Settlement With The FTC

On December 31, 2013, the Federal Trade Commission ("FTC") announced that Accretive Health, Inc., ("Accretive") agreed to settle charges that the company's inadequate data security measures exposed sensitive consumer...more

Privacy and Security Alert: January 9th, 2014

On December 5, 2013, the Office of Inspector General (OIG) reported on the Office for Civil Rights’ (OCR) compliance as of May 2011 with oversight and enforcement of the Security Rule and compliance with federal cybersecurity...more

Happy New Year - Now Don't Let The Ball Drop

Ryan Seacrest paid homage again to Dick Clark. The latest musical crazes performed live from hot spots around the globe. Miley Cyrus thinks we’re still interested (for those who were at some point). They all helped us and our...more

Banking & Financial Services E-Note - December 19, 2013

In This Issue: - Several Swiss Regional Banks to Cooperate with U.S. Tax Rules - Volcker Rule Approved by Federal Regulators - Treasury Secretary Sets Goal of Foreign Bank Reform in 2014 - Largest Mortgage...more

Privacy & Cybersecurity Update - December 2013

In This Issue: - European Commission Proposes Changes to the US-EU Safe Harbor: In our November Privacy & Cybersecurity Update,1 we reported that the European Commission was undertaking a review of the U.S.-EU...more

43 Results
|
View per page
Page: of 2