Data Protection Compliance

News & Analysis as of

Under the Thumb: Regulatory Compliance When Outsourcing Cybersecurity Management

Managed security services are often a natural “add-on” when outsourcing IT services given that data protection is integral to application development, software as a service, and cloud storage, among other services. More...more

Corridors September 2015 - News for North Carolina Hospitals

This article will provide an outline of some of the most significant points for hospitals to use when confronted with a formal government investigation under the Criminal or Civil False Claims Act. As noted below, you should...more

New Guidance for Financial Institution Directors and Officers In Cybersecurity Preparedness

Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more

The Fourth European Union Anti-Money Laundering Directive and Its Effects on Financial Institutions Operating in the EU

The Fourth European Union Anti-Money Laundering Directive (Fourth AML Directive), approved by the European Parliament on May 20, 2015, went into effect on June 25, 2015, repealing the 2005 Third AML Directive. Given the...more

South Korea introduces further data protection breach penalties to encourage compliance, and issues mobile app guidance

Ever since January 2014, when South Korea’s credit card industry lost huge amounts of customer data during a data breach, the South Korean government has been gradually announcing stricter penalties for those who run afoul of...more

Seventh Circuit rules hospital system is not a Consumer Reporting Agency under FCRA

Is a hospital a “consumer reporting agency”? Can a health care provider be liable under the Fair Credit Reporting Act (FCRA) in the event of a data breach? The Seventh Circuit Court of Appeals recently considered these...more

OMB Issues Guidance on Government Contractors’ Cybersecurity Systems

The Office of Management and Budget (OMB) released a draft guidance document on Aug. 11, 2015, titled “Improving Cybersecurity Protection in Federal Acquisitions” (the “OMB Guidance”). The OMB Guidance instructs agencies on...more

The ABCs of COPPA Compliance

In today’s environment – when data breaches seem to be in the news nearly every day – the media, regulators and many others are hyper-focused on privacy issues. Schools and educational institutions are no exception when it...more

The key to information governance success lies within the framework

There is no secret sauce to achieving information governance nirvana. The reality is someone must take ownership of an organization’s information governance program. The industry as a whole has been discussing organizations...more

HHS issues fact sheet on HIPAA rules and resources

The Department of Health and Human Services (HHS) has released a fact sheet on the privacy, security, and breach notification rules of the Health Insurance Portability and Accountability Act (HIPAA). Designed to apply to...more

The Big Move Toward Big Data in Employment

The world of Big Data has arrived, and it is beginning to affect employers and their decision-making in ways undreamed of even a few years ago. Employers can access more information about their applicant pool than ever...more

[Webinar] Response and Recovery Planning: Corporate Ethics and Compliance Failure - August 11, 1:00pm Central

Most companies have a plan for disaster recovery related to technology, physical location, and data – but what happens when you must respond to allegations of a violation of customer trust or compliance? Does your...more

Comptroller Talks Interest Rate, Compliance, and Cybersecurity Risks Facing Financial Institutions

On July 24, OCC Comptroller Curry delivered remarks before the New England Council in Boston, MA regarding the risks that financial institutions face today. Rising interest rates and regulatory compliance were two of the...more

A Kinder, Gentler Spanish Data Protection Authority?

As of July 24, Spain has a new director for its Data Protection Authority (Agencia Española de Protección de Datos — AEPD). The AEPD is the agency responsible for conducting investigations and bringing disciplinary actions...more

E-Discovery: If you can’t take the data to the tools, take the tools to the data

Today we welcome Jo Sherman, CEO, EDT Inc. to share some of her thoughts on the challenge of international investigations and data collection/analysis. Given the challenges of discovery and data collection across borders in...more

Actions Foreshadow Uniform Cybersecurity Regulations for Federal Contractors - Two Recent Executive Agency Actions Lay the...

Federal government contractors handling Controlled Unclassified Information (CUI) should take notice of two recent executive agency actions. Combined, they lay the groundwork for a new cybersecurity clause to be added to the...more

HIPAA Settlement Regarding Use of Internet Applications

On July 10, 2015, the U.S. Department of Health and Human Services, Office for Civil Rights (OCR) announced a settlement agreement with St. Elizabeth's Medical Center (SEMC) in Brighton, Massachusetts, regarding potential...more

Recent HHS Settlement Highlights Risks of Electronically-Sharing Protected Health Information

On July 10, 2015, the United States Department of Health and Human Services Office for Civil Rights (OCR) announced its second settlement of the year for violations of the Health Insurance Portability and Accountability Act...more

New Whitepaper: Reasonable Steps to Protect Trade Secrets

Every company has trade secrets (so-called “crown jewels”)– confidential business and technical information – that if exposed, could result in lost sales, competitive advantage or the ability to further innovate....more

Connecticut Imposes New Data Security Obligations

New law will require consumer breach notice within 90 days, identity theft protection for consumers,“kill switch” for smartphones, and implementation of data security programs for certain health providers, state agencies and...more

Your Questions: The Role of the CCO - A Q&A Session About the Evolving Role of the Chief Compliance Officer

Last year we gathered Robert Chersi, Executive Director, Center for Global Governance, Reporting and Regulation at Pace University; Seth Rice, Assistant General Counsel – Compliance & Director of Global Ethics and Compliance...more

EU Data Privacy Updates

A brief rundown of developments in recent weeks in the area of EU data protection law: - EU Data Protection Regulation - On Monday, June 15, the EU Council (comprised, for purposes of data protection reform, of...more

PIPEDA Amendments In-Force

Amendments to Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) are frequently proposed but just as frequently die on the order paper. Bill S-4, which proposed the most significant amendments to...more

EU/Swiss-U.S. Safe Harbor: More Scrutiny by the FTC?

On May 29, 2015, the Federal Trade Commission ("FTC") announced the approval of the final orders for two U.S. companies, TES Franchising, LLC ("TES") and American International Mailing, Inc. ("AIM"), settling complaints that...more

Legislative Alert: Bill S-4, an Act to amend Canada’s Personal Information Protection and Electronic Documents Act (PIPEDA) passed...

On June 18, 2015, Bill S-4, the Digital Privacy Act was passed by Canada’s House of Commons vote. Bill S-4 was previously passed by Canada’s Senate. The Digital Privacy Act includes important amendments to the Personal...more

158 Results
|
View per page
Page: of 7

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×