Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Preparing for a Government Healthcare Audit
Tackling Credit Push Fraud: Understanding Nacha's Risk Management Package (Part Two) — Payments Pros: The Payments Law Podcast
Compliance into The Weeds: The Complexity of Risk Assessments
Behavioral Health Compliance
The Importance of Assessment Areas
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Taking a Behavioral Approach to Compliance
Episode 291 -- Interview of Mary Shirley on Her New Compliance Book
ChatGPT Risks for Compliance Programs
Season 2 Episode 3 - The Role of Ethics and Compliance Programs in International Business
In the Boardroom With Resnick and Fuller - Episode 4
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
"Board-er" Patrol in Privacy and Cyberattacks - Unauthorized Access Podcast
Cyberattacks powered by artificial intelligence have become more sophisticated as bad actors utilize machine learning to analyze vulnerabilities, automate exploits, and outpace traditional security measures. Through the use...more
Millions of individuals could be at the mercy of cybercriminals after a hacking group launched a large-scale data breach impacting 2.9 billion records, including Social Security numbers and other sensitive information. The...more
The increasing threat of cyberattacks against U.S. water supplies has raised significant concerns among federal officials, who emphatically stress the need for utilities to bolster their cybersecurity measures. A recent...more
In an increasingly digitized world, law firms are prime targets for sophisticated cyber threats that can result in substantial financial losses and reputational damage. Recently, a prominent law firm, esteemed for its...more
Start Planning Now to Reduce Your Increased Money Laundering, Sanctions, and Conflicts of Interest Risks The introduction and use of generative artificial intelligence (GenAI) and predictive data analytics (PDAs) by...more
Following one of the most turbulent years in crypto history, 2023, in contrast, unfolded as a year of reprieve, including from crypto threats. According to a July 12, 2023, report from blockchain analytics firm Chainalysis,...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Typically, we beat the drum of the need to prepare for a data incident—anything from a full-blown ransomware attack to an employee accidently sharing data with the wrong person—by having your Incident Response Plan developed...more
There are so many factors that go into breach response. Determining the size of the breach, time limitations, legal requirements, notification needs, urgency for containment, and interrupted business operations are just a...more
In a recent speech, Nikhil Rathi, CEO of the UK Financial Conduct Authority (FCA), set out the FCA’s latest views on the role of artificial intelligence (AI) in financial services. The speech highlights many benefits but also...more
Cybersecurity is a top concern for all industries, particularly for the pharmaceutical and medical device industries. These industries hold some of the most sensitive data and highly valuable technology, making them prime...more
On April 6, 2023, the US Department of the Treasury released a report analyzing the risks of decentralized finance (DeFi) and potential vulnerabilities in the United States' anti-money laundering (AML) and countering the...more
In recent years, especially through 2019 and 2020, the cyber insurance market in the U.S. has seen significant growth. Middle-market companies have been actively requesting cyber insurance policies with low rates and broad...more
Understanding and managing insider risks is not a new discipline. The manifestation of insider-related risks can be disastrous but the fact that these events are caused by people inside an organization rarely receives enough...more
On September 14, 2022, the Federal Bureau of Investigation (FBI) issued a Private Industry Notification (Notification) warning the industry regarding increasing cyber-attack activity against healthcare providers and payment...more
Cybersecurity is the goliath of tech-related concerns for companies of all sizes, not just large corporations. The Cybersecurity & Infrastructure Security Agency (“CISA”) encourages small and midsize businesses to focus on...more
Entities facing significant legal risk, no matter the circumstances, if they make ransom payments to attackers connected to, or originating from Russia. As the Russian invasion of Ukraine continues, the U.S. government...more
Report on Patient Privacy 22, no. 1 (January, 2022) - As the COVID-19 pandemic enters its third year, real “security fatigue” with pandemic-related issues will combine with cybercriminals’ increasingly sophisticated...more
Labor Day weekend is upon us. Unfortunately, history has shown that, rather than resting, hackers and other threat actors take advantage of holidays to attack closed or understaffed businesses when they least expect it. To...more
Breadth of List Undermines Usefulness to Industry - As required by the Anti-Money Laundering Act (“AML Act”), the Financial Crimes Enforcement Network (“FinCEN”) issued on June 30, 2021 the first government-wide list of...more
Formally wading into the cybersecurity discussion for the first time, on April 14, 2021, the U.S. Department of Labor (DOL) posted on its website a suite of new guidance, including Tips for Hiring a Service Provider with...more
Keypoint: New York’s Division of Financial Services (DFS) now requires Property and Casualty Insurers writing cyber insurance to comply with the Division’s Cyber Insurance Risk Framework to manage their risk. In her...more
As reported last week, a state-sponsored hacker may have breached multiple U.S. government networks through a widely-used software product offered by SolarWinds. The compromised product, known as Orion, helps organizations...more
Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more
The 2019 Review of Notorious Markets for Counterfeiting and Piracy provides a list of such markets (the NML), of both physical and virtual (online) varieties. These include...more