Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Preparing for a Government Healthcare Audit
Tackling Credit Push Fraud: Understanding Nacha's Risk Management Package (Part Two) — Payments Pros: The Payments Law Podcast
Compliance into The Weeds: The Complexity of Risk Assessments
Behavioral Health Compliance
The Importance of Assessment Areas
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Taking a Behavioral Approach to Compliance
Episode 291 -- Interview of Mary Shirley on Her New Compliance Book
ChatGPT Risks for Compliance Programs
Season 2 Episode 3 - The Role of Ethics and Compliance Programs in International Business
In the Boardroom With Resnick and Fuller - Episode 4
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
"Board-er" Patrol in Privacy and Cyberattacks - Unauthorized Access Podcast
On April 12, Nebraska Governor Jim Pillen signed Legislative Bill 1074 into law, making Nebraska the 16th U.S. state to enact a comprehensive privacy law. The Nebraska Data Privacy Act (NEDPA) will take effect on January 1,...
While smaller organizations may lack the resources of their larger peers for the critical task of operating a strong governance, risk and compliance program, leaders in GRC said those same organizations still have ample...
The Federal Acquisition Regulatory Council recently issued a far-reaching proposed rule that includes significant compliance obligations for contractors related to their greenhouse gas emissions. Most federal contractors,...
On December 15, 2021, Congress passed the National Defense Authorization Act (NDAA or Act) for Fiscal Year (FY) 2022, which President Biden is expected to sign into law soon. As usual, the NDAA contains numerous provisions...
Tips on Preparing to Defend Against Allegations of SBA Loan Fraud During the COVID-19 Crisis - Federal emergency relief legislation—including the Coronavirus Aid, Recovery, and Economic Security Act (“CARES Act”)—has...
The California Privacy Rights Act (CPRA) is a ballot initiative that, if passed in November, will significantly amend the California Consumer Privacy Act (CCPA). ...
COVID-19 and the related emergency has had a dramatic effect on small businesses. States have implemented "stay-at-home" orders or otherwise ordered the closure of non-essential businesses, resulting in the virtual...
The developing coronavirus pandemic affects businesses and personnel within the state and elsewhere. With more New Yorkers working from home, there are more opportunities for cyberattacks through unsecure remote connections...
It's been ten years since the Federal Acquisition Regulation (FAR) was amended to require government contractors to have a business ethics and compliance program – that's right, it's a requirement in every government contract...
Your heart raced when the caller on the phone identified himself as an FBI agent. But the conversation was matter-of-fact. About 2,500 sets of credit card information from your clients had been posted for sale on a...
The bulletin requires relationships between banks and marketplace lenders to be treated with the same rigor of due diligence and ongoing oversight as other relationships with third parties. On January 24, the Office of...
It’s been a month since ISO 37001 was published and there are some questions we have heard percolating in the compliance world about what this means. These are the questions we’ve been hearing the most...
Organizations are preparing for data incidents and breaches by developing, updating, implementing, and testing incident response plans. This article provides a checklist of key components of an incident response plan. ...
We are not the size of Target or Home Depot, we won’t be a target of cyber-attack. This is a dangerous assumption. Recently reported in the news was that ISIL (a terrorist organization) had hacked and taken over certain...
The Foreign Corrupt Practices Act (“FCPA”) should be top of mind for any manufacturer conducting or considering international business. Indeed, any doubts that the government was still interested in investigating and...
In this presentation: - Why cybersecurity matters - Recently-implemented cybersecurity rules and laws - Rapid reporting of cyber incidents and additional cybersecurity measures coming soon -...
The U.S. Department of Health and Human Services ("HHS") has just released a new security risk assessment ("SRA") tool to assist small and medium sized health care practices (one to ten providers) conduct a HIPAA risk...
The bottom-line: If you do not conduct a risk assessment, then you should start praying. The FCPA Guidance made it clear – conduct a risk assessment and tailor your compliance program to the risk assessment. ...