Risk Assessment Data Security

News & Analysis as of

Best Practices to Thwart Hackers Using Email to Get Your Money

Not a week goes by without some news report of another hacking incident. The industries targeted include large retail stores, restaurants, banks, attorneys, accountants and recently in Maryland, a title company. In...more

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

How Data Scientists & Compliance Can Work Together Better; Keith Furst Explains [PODCAST]

Data scientist Keith Furst and Masters of Disaster® podcast host Leona Lewis discuss how data scientists and compliance can collaborate better to get compliance the data it needs. It is almost impossible to have one...more

FTC Plants A Flag With LabMD Ruling: What This Means for Enforcement

On Friday, the heads of the Federal Trade Commission overruled the decision of the Administrative Law Judge (“ALJ”) in In the Matter of LabMd., Inc. The FTC concluded that the ALJ had erred in dismissing the Commission’s case...more

Best Practices for Cybersecurity in Vehicles

In response to increasing cybersecurity threats in vehicles, in 2015 the Automotive Information Sharing and Analysis Center (Auto-ISAC) was formed. Its member companies include all automakers operating in North America...more

Legal Alert: New York’s New BSA/AML Rule Imposes Monitoring, Filtering and Certification Requirements

On June 30, 2016, the New York Department of Financial Services (DFS) adopted a new anti-terrorism and anti-money laundering (AML) regulation (Final Rule) that builds on federal anti-money laundering requirements to address...more

The High Stakes Poker of Playing Fast and Loose with Federal Laws and Regulations Just Got More High Stakes: US Civil Penalties...

Though corporate compliance programs can be expensive, companies that fail to implement such programs are about to double down on their gamble as a result of a newly imposed increase in civil fines. Prior to this increase,...more

Employment Law Reporter - May 2016

The Age of The Data Breach : The Top 5 Best Practices - What will you do? We live in The Information Age. Increasingly, business success depends on the ability to obtain, maintain and intelligently utilize increasing...more

Survey says… New trends from corporate in-house counsel

Recently, Kroll and Kroll Ontrack surveyed over 170 corporate in-house counsel to share their perspectives on modern legal challenges facing organizations. We asked about some of the most pressing issues – from big data and...more

Is Data Really a “Toxic” Asset?

In his “Data Is a Toxic Asset” blog post, Bruce Schneier argues that data is a toxic asset and that the lesson all the recent data breaches are teaching us is that storing this asset is “dangerous,” because it makes companies...more

Cybersecurity: What You Must Know and What You Must Do

On February 1, 2016, the Federal Deposit Insurance Corporation (“FDIC”) published the Winter 2015 issue of Supervisory Insights. Not surprisingly, the first article dealt with the most important issue facing the financial...more

Know Your Vendors: The Importance of Comprehensive Risk Assessment Programs

As companies continue to explore new outsourcing and cloud services models in search of improved cost and productivity efficiencies, service providers are being asked to handle increasingly sensitive types of data. However,...more

What's Coming in 2016? Data Security, Social Media and a Busy SEC

Data Security and Data Breaches! No surprises here. We’re getting a little fed up with spectacular stories about compromised personal data, but there is no doubt 2016 will show us more, and companies are adapting and...more

Best in Law: Data Security and the Inside Job

If you are a business owner in the Inland Empire, what would you identify as the greatest threat to the security of your data? Is it hackers looking for credit-card numbers? Could it be foreign governments stealing industrial...more

HHS’ Selection of Contractor Provides Latest Update on Impending Second Round of HIPAA Audits

On October 27, 2015, a U.S. Department of Health and Human Services (“HHS”) official stated that the agency has hired FCi Federal, a provider of management and professional services to government agencies in Ashburn, VA, to...more

Data-Security Assessments? You’re Going to Want a Lawyer for That

These days, data breaches and cybersecurity attacks abound. With each news cycle, we’re confronted with stories about yet another big breach, at another big company, with the potential exposure of another big pool of...more

Any Port in a Storm? EU-US Data Transfers After Schrems and Safe Harbor

Last week, the Court of Justice of the European Union (CJEU) gave an important ruling which any business transferring personal data between the EU and the United States should know about — in particular those that make use of...more

A Compilation of Enforcement and Non-Enforcement Actions

Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more

SEC’s Increased Cybersecurity Enforcement and How to Reduce Your Risks

The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

TN Ethics Opinion Approves Lawyers’ Cloud Storage of Client Data

Tennessee has joined other states in formally approving lawyers’ cloud-storage of client-confidential data. The Board of Professional Responsibility (“BOPR”) held that lawyers ethically may use cloud storage for...more

Don't Wait for It; Recent HIPAA Enforcement Action Signal More to Come in Phase 2 Audits

Officials at the U.S. Department of Health and Human Services Office of Civil Rights (HHS OCR) have recently selected a vendor to conduct the second wave of HIPAA audits. These so-called "Phase 2 Audits" are set to commence...more

SEC to Conduct Second Round of Cybersecurity Examinations

On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing its second round of examinations of registered investment...more

OCIE to Conduct More Cybersecurity Exams

This week the SEC’s Office of Compliance Inspections and Examinations (“OCIE”) announced a second-round of cybersecurity examinations, continuing its initiatives on the issue. The move follows the SEC’s: March 2014 roundtable...more

Not So Far Out: OMB Memo Indicates Cybersecurity FAR Clauses Are Coming Soon

On August 11, 2015, the Office of Management and Budget (“OMB”) released a draft policy memo entitled “Improving Cybersecurity Protections in Federal Acquisitions.” The purpose of the memo is to provide federal agencies with...more

27 Results
|
View per page
Page: of 2
JD Supra Readers' Choice 2016 Awards

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×