Risk Assessment

News & Analysis as of

Physician Group Practice Pays $750,000 for Breach of Unsecured Electronic Protected Health Information on Electronic Device

Cancer Care Group, P.C. (“CCG”), a radiation oncology physician group practice in Indiana, agreed to pay $750,000 for a breach of unsecured electronic protected health information (“ePHI”). CCG will also implement a...more

The High Cost of an FCPA Violation

Violations of the Foreign Corrupt Practices Act (“FCPA”) can lead to hefty penalties. Indeed, individuals who violate the FCPA, and their employers, could be on the hook for a variety of penalties described below. Companies...more

Hiring Practices: A New or Old FCPA Compliance Challenge?

Contrary to the opinion of many in the FCPA space, the BNY Mellon settlement and the looming actions against six major financial institutions for hiring practices are not a big shock or surprise. The SEC is not raising a new...more

Taking Charge of a Company’s Reputation: Assign a Single Person to Manage Reputational Risks (Part III of III)

One person who does not have a conflict in evaluating a company’s reputational risks should manage a company’s reputation. This approach starts with one basic requirement – the board and the CEO have to agree that a company’s...more

The CECO’s Role in Recovery From An Organizational Ethics Breach

A major organizational ethics breach – something every Chief Ethics and Compliance Officer (CECO) desperately wants to avoid – has catastrophic potential. What should the CECO do in preparation for a breach? What does the...more

At Will? What’s That?

Did you know that employees in most countries outside the United States have a contractual right to continued employment, whether or not they have a written contract? If an employer does not provide an employee with a written...more

Shadow Banking Guidelines – Part 1: An Overview

Shadow banking has been a subject of great interest to financial regulators and policy makers since the global financial crisis. A topic of particular focus has been the interconnectedness between the world of unregulated...more

EPA Issues Draft Guidance on Pesticide Cumulative Risk Assessment: Framework for Screening Analysis

The Environmental Protection Agency (EPA) extended the comment date on its draft guidance, Pesticide Cumulative Risk Assessment: Framework for Screening Analysis, in a Federal Register notice published on August 28, 2015...more

Spain Sets a New Milestone with its Corporate Compliance Statute

As of July 1 of this year, Spain becomes the latest in a string of nations with a corporate compliance defense. Article 33 of Spain’s criminal code will provide an exemption from corporate criminal liability where the company...more

Added Compliance Burdens: New York Nonprofits Have to Implement Workplace Violence Programs

In 2010, New York State enacted its New York Prudent Management of Institutional Funds Act (NYPMIFA); in 2012 Governor Cuomo promulgated Executive Order 38 capping excess compensation at nonprofits receiving government...more

Not So Far Out: OMB Memo Indicates Cybersecurity FAR Clauses Are Coming Soon

On August 11, 2015, the Office of Management and Budget (“OMB”) released a draft policy memo entitled “Improving Cybersecurity Protections in Federal Acquisitions.” The purpose of the memo is to provide federal agencies with...more

A Guide for Insurers on Creating and Maintaining a Cybersecurity Plan

The intersection of valuable and personally identifiable digitized information and the increasing incidence of cybersecurity breaches makes the creation and maintenance of a cybersecurity plan one of the most pressing...more

Five Lessons Ethics & Compliance Professionals Can Learn from the World of Sports

Despite the FIFA scandal and other not-so-great news from the world of professional sports recently, it’s good to remember that sports, at their best, can be a rich source of strategies and inspiration for the business...more

The Fourth European Union Anti-Money Laundering Directive and Its Effects on Financial Institutions Operating in the EU

The Fourth European Union Anti-Money Laundering Directive (Fourth AML Directive), approved by the European Parliament on May 20, 2015, went into effect on June 25, 2015, repealing the 2005 Third AML Directive. Given the...more

DOJ’s Warning to High-Tech Companies: SAP Official Pleads Guilty To FCPA Violation

When DOJ acts, they like to make a splash. While the FCPA Paparazzi have been lamenting the “slow down” in FCPA enforcement actions and the increase in case closings, DOJ still makes its mark when it acts, and I expect more...more

Best Practice Internal Controls For Reducing Fraud And Corruption Risk

Fraud and corruption risk are inevitable, yet every company should strive to reduce these risks. For Compliance Week, Jeffrey Harfenist (BDO Consulting, Global Forensics), Stephanie Giammarco (BDO Consulting, Forensic...more

Give & Take: The Case for a Better G&E Compliance Program

Part One: Setting The Foundation - Why Does G&E Matter? Tony Robbins once said, “Every problem is a gift—without problems we would not grow.” In the compliance arena, the reverse also applies, as many gifts can...more

Hacking Your Health: For Healthcare Providers, Risk Analysis Must Be Ongoing

Healthcare providers would be wise to keep in mind that if a patient is harmed by a hacked medical device, Exhibit A in the negligence suit against them may be that provider’s risk analysis, or lack thereof....more

UK Insurers Probed for Cyber Risk

The UK's Prudential Regulation Authority (PRA) has, this month, written to insurance companies in the UK to find out more about how they deal with the threat posed by cyber attacks and what mechanisms they have in place to...more

Privacy Commissioners Issue Joint Guidance on Bring Your Own Device Programs

An organization’s information can be put at risk when staff begin to bring their own devices and use them in the workplace. As a result, in such cases, an organization should consider adopting an appropriate “bring your own...more

TSX Provides Guidance to Emerging Market Issuers

In recent years, emerging market issuers have faced greater scrutiny by Canadian regulators as a result of questions and concerns about issuers with significant business operations in emerging markets (emerging market...more

OIG adds four new projects to work plan

Since our last blog post about the OIG’s work plan, the work plan has been updated as of August 7, 2015 to add four new projects. A newly added ongoing project is a “Security Control Review of the CFPB’s SQL Environment.” (An...more

You Cannot Buy an Ethical Corporate Culture

I do not mean to be facetious or snarky, but I am concerned about organizations that sell or promote their ability to certify or give a seal of approval to a company as an “ethical” company. Even more troubling (or perhaps...more

Be Alert Asia Pacific: Employment Law Newsletter: Top Tips for Employers: Cyber Risks and Fraud

Cyber risk is becoming a growing concern amongst businesses and institutions. Data breaches and hacking have been problematic among some sectors, predominantly financial services, for some time. These risks are now often...more

New Citywide Construction Fraud Task Force Promises Tough Enforcement

On August 5th, the Manhattan District Attorney (the "DA’s Office") announced the formation of a multi-agency Citywide Construction Fraud Task Force that will be spearheaded by prosecutors from the office. Its mission is...more
