News & Analysis as of

Risk Assessment Data Security

"Cybersecurity Trends for Boards of Directors"

Cybersecurity has in recent years become an integral component of a board’s role in risk oversight, but directors often find themselves in unfamiliar territory when it comes to formulating policies and oversight processes...more

Gone Phishin’: Hack Leads to HIPAA Settlement

Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more

N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know

With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more

Cybersecurity Threats for Treasury & Payment Management Systems Report Released

Pactera Technologies N.A., Inc. [www.Pactera.com] has released the report “Cybersecurity Threats for Treasury & Payment Management Systems: Six Things you Should Know to Manage Them.” It is easy to understand and pertinent,...more

Rock and a Hard Place: Banks In Search of Compliance Amid Diverging Regulatory Regimes

Last year was the first that national banks and federal savings associations subject to supervision by the Office of the Comptroller of the Currency (“OCC”) were armed with a sense of the agency’s regulatory expectations when...more

Cybersecurity Still Top FINRA Operational Risk

by Carlton Fields on

On January 4, the Financial Industry Regulatory Authority (FINRA) published its annual Regulatory and Examination Priorities Letter providing firms with information about areas FINRA plans to review in 2017 as well as...more

HHS OCR Levies Significant HIPAA Penalties in a Series of Recent Settlements: Covered Entities and Business Associates Alike...

by Arnall Golden Gregory LLP on

Between June and November 2016, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has announced seven high-dollar settlements to resolve alleged violations of the HIPAA privacy, security, and breach...more

New FTC Data Breach Response Guidelines

by Robins Kaplan LLP on

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

HHS Designates Cloud Service Providers as Business Associates Under HIPAA

by Ballard Spahr LLP on

Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more

New York's New Cybersecurity Rules: What Is Required?

by White & Case LLP on

The new cybersecurity rules proposed by the New York State Department of Financial Services require financial services institutions to have extensive cybersecurity protections in place; including cybersecurity programs,...more

Best Practices to Thwart Hackers Using Email to Get Your Money

by Pessin Katz Law, P.A. on

Not a week goes by without some news report of another hacking incident. The industries targeted include large retail stores, restaurants, banks, attorneys, accountants and recently in Maryland, a title company. In...more

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

FTC Plants A Flag With LabMD Ruling: What This Means for Enforcement

On Friday, the heads of the Federal Trade Commission overruled the decision of the Administrative Law Judge (“ALJ”) in In the Matter of LabMd., Inc. The FTC concluded that the ALJ had erred in dismissing the Commission’s case...more

Best Practices for Cybersecurity in Vehicles

by Snell & Wilmer on

In response to increasing cybersecurity threats in vehicles, in 2015 the Automotive Information Sharing and Analysis Center (Auto-ISAC) was formed. Its member companies include all automakers operating in North America...more

Legal Alert: New York’s New BSA/AML Rule Imposes Monitoring, Filtering and Certification Requirements

On June 30, 2016, the New York Department of Financial Services (DFS) adopted a new anti-terrorism and anti-money laundering (AML) regulation (Final Rule) that builds on federal anti-money laundering requirements to address...more

The High Stakes Poker of Playing Fast and Loose with Federal Laws and Regulations Just Got More High Stakes: US Civil Penalties...

Though corporate compliance programs can be expensive, companies that fail to implement such programs are about to double down on their gamble as a result of a newly imposed increase in civil fines. Prior to this increase,...more

Employment Law Reporter - May 2016

by Ervin Cohen & Jessup LLP on

The Age of The Data Breach : The Top 5 Best Practices - What will you do? We live in The Information Age. Increasingly, business success depends on the ability to obtain, maintain and intelligently utilize increasing...more

Is Data Really a “Toxic” Asset?

by Seyfarth Shaw LLP on

In his “Data Is a Toxic Asset” blog post, Bruce Schneier argues that data is a toxic asset and that the lesson all the recent data breaches are teaching us is that storing this asset is “dangerous,” because it makes companies...more

Cybersecurity: What You Must Know and What You Must Do

On February 1, 2016, the Federal Deposit Insurance Corporation (“FDIC”) published the Winter 2015 issue of Supervisory Insights. Not surprisingly, the first article dealt with the most important issue facing the financial...more

Know Your Vendors: The Importance of Comprehensive Risk Assessment Programs

by McGuireWoods LLP on

As companies continue to explore new outsourcing and cloud services models in search of improved cost and productivity efficiencies, service providers are being asked to handle increasingly sensitive types of data. However,...more

What's Coming in 2016? Data Security, Social Media and a Busy SEC

by Sullivan & Worcester on

Data Security and Data Breaches! No surprises here. We’re getting a little fed up with spectacular stories about compromised personal data, but there is no doubt 2016 will show us more, and companies are adapting and...more

Best in Law: Data Security and the Inside Job

by Best Best & Krieger LLP on

If you are a business owner in the Inland Empire, what would you identify as the greatest threat to the security of your data? Is it hackers looking for credit-card numbers? Could it be foreign governments stealing industrial...more

HHS’ Selection of Contractor Provides Latest Update on Impending Second Round of HIPAA Audits

by Reed Smith on

On October 27, 2015, a U.S. Department of Health and Human Services (“HHS”) official stated that the agency has hired FCi Federal, a provider of management and professional services to government agencies in Ashburn, VA, to...more

Data-Security Assessments? You’re Going to Want a Lawyer for That

These days, data breaches and cybersecurity attacks abound. With each news cycle, we’re confronted with stories about yet another big breach, at another big company, with the potential exposure of another big pool of...more

Any Port in a Storm? EU-US Data Transfers After Schrems and Safe Harbor

by McDermott Will & Emery on

Last week, the Court of Justice of the European Union (CJEU) gave an important ruling which any business transferring personal data between the EU and the United States should know about — in particular those that make use of...more

35 Results
|
View per page
Page: of 2
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
Feedback? Tell us what you think of the new jdsupra.com!