News & Analysis as of

Risk Management Covered Entities

New York DFS Cyber Rules Go Live: Here’s Your Roadmap

by Orrick - Trust Anchor on

August 28, 2017 marks the end of the initial 180-day grace period for compliance under the New York Department of Financial Services’ “first-in-the-nation” cybersecurity regulations (the “Rules”). The initial regulations...more

NYSDFS Upcoming Deadline Fast Approaching: First Key Date is August 28, 2017

by Shipman & Goodwin LLP on

On March 1, 2017, the New York State Department of Financial Services’ (“DFS”) first-in-nation Cybersecurity Regulations for the purpose of protecting consumers and financial institutions from cyber-attacks went into effect...more

New York State Cybersecurity Regulations: First milestone in sight, what is next on the horizon?

by Shearman & Sterling LLP on

The New York State Department of Financial Services (“NYDFS”) enacted final cybersecurity regulations (“Regulations”) for NYDFS regulated entities that went into effect on March 1, 2017. The first deadline for compliance...more

New York’s New Cybersecurity Regulations and its Impact on your Sensitive Health Information

by Farrell Fritz, P.C. on

Effective March 1, 2017, the New York State Department of Financial Services promulgated regulations to help protect against cybercriminals and their efforts to exploit sensitive electronic data. These cybersecurity...more

NYDFS Updates FAQs to Clarify Cybersecurity Regulations

by Ballard Spahr LLP on

The New York Department of Financial Services (NYDFS) recently updated frequently asked questions (FAQs) about its cybersecurity regulations, 23 NYCRR 500, to address four new issues. NYDFS published its initial set of FAQs...more

How Can Healthcare Organizations Prepare for the Next Cyberattack?

by Latham & Watkins LLP on

HHS OCR issues checklist, iterative guidance in wake of WannaCry and Petya attacks; Anthem breach settlement provides additional lessons. Key Points: ..Healthcare organizations are particularly vulnerable to ransomware...more

Funds Talk: June 2017 - Incident Response Plans Form an Essential Part of Cybersecurity Frameworks

Cybersecurity has increasingly moved into the spotlight in recent years, with regulators and financial firms alike clambering to keep pace with rapidly changing demands as threats continue to evolve....more

Officer and director checklist: Complying with the global reach of the New York Department of Financial Services Cybersecurity...

by White & Case LLP on

The New York State Department of Financial Services (NYDFS) issued Cybersecurity Requirements for Financial Services Companies (the "Cybersecurity Regulation") effective March 1, 2017. The regulation imposes tight compliance...more

Securing ePHI in a Mobile Health World

Could a lost cell phone or laptop cost your organization millions of dollars? Mobile devices have enabled vast improvements in the efficiency and quality of healthcare delivery. ...more

Orrick's Financial Industry Week In Review

Financial Industry Developments - New York Department of Financial Services Promulgates First-in-the-Nation State Cybersecurity Regulation - On February 16, 2017, the New York Department of Financial Institutions...more

Lessons Learned from Recent OCR Settlements

by Ruder Ware on

We can learn some valuable lessons about compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) from settlements that are announced by the U.S. Department of Health and Human Services, Office...more

Mark Your Calendars: NY Cybersecurity Regulations to Go into Effect

by Pepper Hamilton LLP on

A covered entity will need to arrange for someone to perform the CISO function, dedicate resources to conduct periodic risk assessments, develop and implement policies and procedures, and retain appropriate personnel and...more

NYDFS: A Lawyer’s Responsibility

New York Financial Regulator to Enforce First-of-Its-Kind Cybersecurity Regulations in Coming Weeks - On December 28, 2016, the New York Department of Financial Services (NYDFS) issued revised cybersecurity regulations...more

New York State Revises “First-In-Nation” Cybersecurity Rules

The New York Department of Financial Services (“DFS”) recently issued a revised version of the cybersecurity rules that it first announced in the fall of last year. The rules apply to a wide range of insurance, banking, and...more

New York Department of Financial Services Revises Cybersecurity Proposal: Greater Flexibility and Delayed Compliance Deadlines

As we previously reported, in December 2016 the New York Department of Financial Services (the “DFS”) announced that it was revising its proposed regulation that would require banks, insurance companies and other financial...more

Banks to Broaden Reporting of Suspicious Cyber Activity; Regulators Propose “Enhanced” Cybersecurity Standards

by Carlton Fields on

The fourth quarter of 2016 has seen an uptick in regulatory activity respecting the financial services sector in the cybersecurity space, both at the state level as previously discussed (here) and on the federal level....more

OCR Stresses Importance of Authentication in Newsletter

In a recent newsletter, the Office for Civil Rights (OCR) encourages health care organizations to review their procedures around authentication and “ensure that they have the appropriate safeguards in place.”...more

Federal Regulators Unveil Proposed Cybersecurity Standards for Large Financial Firms

by Bracewell LLP on

On October 19, 2016, federal regulators issued an Advance Notice of Proposed Rulemaking titled “Enhanced Cyber Risk Management Standards.” The draft standards, jointly released by the Federal Reserve, the Federal Deposit...more

Morgan Lewis Urges NYDFS to Modify Proposed Cybersecurity Rules

by Morgan Lewis on

The New York Department of Financial Services has issued proposed “first-in-the-nation” cybersecurity rules that could place a heavy compliance burden on affected financial companies; Morgan Lewis submitted a comment letter...more

Just Released Proposed Cyber Risk-Management Update for the Financial Sector

by Morgan Lewis on

On October 19, US banking agencies released an advanced notice of proposed rulemaking (ANPR) seeking comments on enhanced cybersecurity standards. These standards potentially would apply to ..US bank holding companies...more

New York Financial Regulators Introduce Robust Cybersecurity Regulations

New York’s Department of Financial Services (“NYDFS”) recently proposed cybersecurity regulations intended to protect consumers and financial institutions from the ongoing threat of cyber-attacks. NYDFS’s proposed...more

Emerging Trends Newsletter - Q3

by Stinson Leonard Street on

We are thrilled to bring you the third installment of Stinson Leonard Street's Emerging Trends newsletter. We are proud of the depth and breadth of experience and knowledge across our firm's 13 offices nationwide and are...more

The New York State Department of Financial Services Proposes Robust Cybersecurity Rules

On September 13, 2016, the New York State Department of Financial Services (DFS) proposed new rules that would require certain “Covered Entities” to establish and implement cybersecurity programs designed to protect nonpublic...more

OCR Issues Guidance on HIPAA and Cloud Computing

On October 7, 2016, the U.S. Department of Health and Human Services (“HHS”), Office for Civil Rights (“OCR”), released a guidance document (the “Guidance”) on the HIPAA-compliant use of cloud computing technologies. The...more

The Cyber Regulation Drops

On September 13, 2016, Governor Andrew Cuomo announced the first proposed broadly applicable cyber regulation in the U.S. (the “Regulation”). The Regulation covers banks, insurance companies and other financial institutions...more

47 Results
|
View per page
Page: of 2
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.