News & Analysis as of

Risk Assessment Data Security

US Companies Create Principles for Cybersecurity Risk Ratings

by BakerHostetler on

On June 20, 2017, the U.S. Chamber of Commerce announced that a consortium of more than two dozen chamber member companies, including prominent big banks, big-box retailers, and technology giants released a set of principles...more

Yet another Target settlement highlights data breach costs

by Thompson Coburn LLP on

In what appears to be the closing act of the saga that is the Target data breach, on May 23 the retailer announced it had reached a settlement agreement with a coalition of 47 states’ attorneys general. Pursuant to the...more

China Cybersecurity Law: Seven Key Points to Ensure You are Compliance Ready for its Launch on 1 June 2017

by Dechert LLP on

China’s Cybersecurity Law comes into force on 1 June 2017. It is a significant piece of legislation impacting all companies operating a network in China. It covers a wide range of activities relating to the cyberspace,...more

Colorado’s Proposed Cybersecurity Rules for Investment Advisers and Broker-Dealers

by Snell & Wilmer on

Colorado has new proposed rules that add cybersecurity requirements for certain entities with Colorado securities licenses. The proposed rules are from the regulatory agency the Division of Securities. It licenses securities...more

New York stiffens data protection regs

by Thompson Coburn LLP on

New York has once again positioned itself as a leader among states by recently implementing one of the most detailed and stringent data security regulations to date. It should come as no surprise that New York is a prime...more

Lessons from OCR HIPAA Settlements - Mobile Device Security Standards

by Ruder Ware on

In the first known case involving a wireless provider, a cardiology service provider agreed to pay a $2.5 million settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI)....more

"Cybersecurity Trends for Boards of Directors"

Cybersecurity has in recent years become an integral component of a board’s role in risk oversight, but directors often find themselves in unfamiliar territory when it comes to formulating policies and oversight processes...more

Gone Phishin’: Hack Leads to HIPAA Settlement

Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more

N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know

With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more

Cybersecurity Threats for Treasury & Payment Management Systems Report Released

Pactera Technologies N.A., Inc. [www.Pactera.com] has released the report “Cybersecurity Threats for Treasury & Payment Management Systems: Six Things you Should Know to Manage Them.” It is easy to understand and pertinent,...more

Rock and a Hard Place: Banks In Search of Compliance Amid Diverging Regulatory Regimes

Last year was the first that national banks and federal savings associations subject to supervision by the Office of the Comptroller of the Currency (“OCC”) were armed with a sense of the agency’s regulatory expectations when...more

Cybersecurity Still Top FINRA Operational Risk

by Carlton Fields on

On January 4, the Financial Industry Regulatory Authority (FINRA) published its annual Regulatory and Examination Priorities Letter providing firms with information about areas FINRA plans to review in 2017 as well as...more

HHS OCR Levies Significant HIPAA Penalties in a Series of Recent Settlements: Covered Entities and Business Associates Alike...

by Arnall Golden Gregory LLP on

Between June and November 2016, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has announced seven high-dollar settlements to resolve alleged violations of the HIPAA privacy, security, and breach...more

New FTC Data Breach Response Guidelines

by Robins Kaplan LLP on

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

HHS Designates Cloud Service Providers as Business Associates Under HIPAA

by Ballard Spahr LLP on

Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more

New York's New Cybersecurity Rules: What Is Required?

by White & Case LLP on

The new cybersecurity rules proposed by the New York State Department of Financial Services require financial services institutions to have extensive cybersecurity protections in place; including cybersecurity programs,...more

Best Practices to Thwart Hackers Using Email to Get Your Money

by Pessin Katz Law, P.A. on

Not a week goes by without some news report of another hacking incident. The industries targeted include large retail stores, restaurants, banks, attorneys, accountants and recently in Maryland, a title company. In...more

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

FTC Plants A Flag With LabMD Ruling: What This Means for Enforcement

On Friday, the heads of the Federal Trade Commission overruled the decision of the Administrative Law Judge (“ALJ”) in In the Matter of LabMd., Inc. The FTC concluded that the ALJ had erred in dismissing the Commission’s case...more

Best Practices for Cybersecurity in Vehicles

by Snell & Wilmer on

In response to increasing cybersecurity threats in vehicles, in 2015 the Automotive Information Sharing and Analysis Center (Auto-ISAC) was formed. Its member companies include all automakers operating in North America...more

Legal Alert: New York’s New BSA/AML Rule Imposes Monitoring, Filtering and Certification Requirements

On June 30, 2016, the New York Department of Financial Services (DFS) adopted a new anti-terrorism and anti-money laundering (AML) regulation (Final Rule) that builds on federal anti-money laundering requirements to address...more

The High Stakes Poker of Playing Fast and Loose with Federal Laws and Regulations Just Got More High Stakes: US Civil Penalties...

Though corporate compliance programs can be expensive, companies that fail to implement such programs are about to double down on their gamble as a result of a newly imposed increase in civil fines. Prior to this increase,...more

Employment Law Reporter - May 2016

by Ervin Cohen & Jessup LLP on

The Age of The Data Breach : The Top 5 Best Practices - What will you do? We live in The Information Age. Increasingly, business success depends on the ability to obtain, maintain and intelligently utilize increasing...more

Is Data Really a “Toxic” Asset?

by Seyfarth Shaw LLP on

In his “Data Is a Toxic Asset” blog post, Bruce Schneier argues that data is a toxic asset and that the lesson all the recent data breaches are teaching us is that storing this asset is “dangerous,” because it makes companies...more

Cybersecurity: What You Must Know and What You Must Do

On February 1, 2016, the Federal Deposit Insurance Corporation (“FDIC”) published the Winter 2015 issue of Supervisory Insights. Not surprisingly, the first article dealt with the most important issue facing the financial...more

41 Results
|
View per page
Page: of 2
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.