Risk Mitigation

News & Analysis as of

Fleet-Footed Investigations and Prompt Remedial Action: The New Normal

Does your company respond to all internal concerns immediately, investigate them thoroughly and remediate them with unmatchable speed? What if the concern comes from an officer, director, lawyer, compliance professional,...more

"CFIUS’s Annual Report to Congress Details Longer Process, More Aggressive Risk Mitigation"

Key Developments - The Committee on Foreign Investment in the United States (CFIUS) is an interagency, Executive Branch organization charged with identifying potential national security risks posed by foreign...more

Domestic Violence and the Workplace: Mitigating the Risks

On February 5, just after the lunch hour at the University of South Carolina in Columbia, the ex-wife of a popular public health professor entered the campus office where the professor conducted cancer research and shot him...more

Traversing the Breach: Why You Need to Prepare for Data Breaches and How to Do It

“At every board meeting, whether it’s monthly, whether it’s quarterly, cybersecurity should be on [the agenda]. If not, you’re going to wind up in a situation where you’re having an emergency board meeting to discuss...more

Does Your Employee Incentive Plan Create an Early Pay-Out and Exit for Key Employees at the Owners’ Expense?

Business owners have at their disposal a variety of employee incentive compensation tools to attract and retain talent. In terms of employee incentive plan design, business owners work to strike a balance between...more

Making the Case for Compliance Training for Third Parties

How to make the case for implementing third party compliance training in your organization. A recent article in the San Francisco Chronicle profiled Jay Jorgensen, the new Global Chief of Compliance at Walmart. The...more

Locke Lord QuickStudy: Attention, Health Insurers: Unique Encryption Requirements in NJ

Setting a new standard for encryption, New Jersey has enacted a new law (P.L. 2014, c. 88, codified at N.J. Stat. Ann. §§ 56:8-196 - 56:8-198) effective August 1, 2015, requiring health insurance carriers authorized to issue...more

What the Anthem Cyberattack Means for the Health Care Industry

Unfortunately, account hacks and data breaches are nothing new. Every day, we hear reports of hackers compromising networks and their protected data. When it happens on a massive scale to a powerful player in the health...more

Cyber Attackers Reach Anthem, Health Care Providers Seen As Vulnerable

Anthem, one of the nation’s largest health insurers, announced last Wednesday that it had been attacked by cyber hackers and that personal information for as many as 80 million individuals had been compromised....more

The Anthem Data Breach: The Fallout and What’s Next

By now (unless you have been under a snow drift), you have likely heard about the apparent intrusion into a database at the nation’s largest health insurer, Anthem, Inc. Rather than reiterate the facts as currently known...more

When Bad Things Happen at Good Facilities (Hazardous Air Pollutant Edition)

Malfunctions happen, even at a well-managed facility. When they happen, they can cause a facility to deviate from emission limits or other standards regarding (among other things) hazardous air pollutants. Furthermore,...more

COSO and Internal Controls – Part V

This post concludes my exploration of internal controls and how companies can demonstrate compliance with the internal controls requirement under the Foreign Corrupt Practices Act (FCPA) by adhering to the Committee of...more

"Managing Regulatory Risk in Bank M&A"

We expect the slowly developing but increasingly perceptible trend toward community and regional bank consolidation in the United States to continue in 2015. In connection with growing bank M&A activity, closing risk in the...more

Cybersecurity Attack on Anthem, Inc. Highlights the Cybersecurity Risks for All Companies Handling Electronic Medical Records

Health care providers, insurers and all who handle information on their behalf were put on notice last week that cybersecurity must be a high priority for their organizations. ...more

C-Suite – Changing Tack on the Sea of Data Breach?

The country awoke to what seems to be a common occurrence now: another corporation struck by a massive data breach. This time it was Anthem, the country’s second largest health insurer, in a breach initially estimated to...more

Potential Pitfalls in Data Licensing and Big Data Analytics

The trend in Big Data analytics among companies shows no sign in abating, with companies covetously collecting vast amounts of data with the hopes of harvesting market differentiators. A study by open-source research firm...more

Breaches in the Boardroom: What Directors and Officers can do to Reduce the Risk of Personal Liability for Data Security Breaches

Corporate directors and officers may increasingly be targets of shareholder derivative lawsuits in the wake of the surge of regulatory actions and private litigation around data breaches,. While no individual directors and...more

Digital Insights & Trends: What Keeps You Up At Night (Round 2) – Data INsecurity

We’re still wide awake, focusing on what keeps us (and our financial institution clients) up at night. Let’s pick up where we left off following our December webinar, but this time address data INsecurity from the perspective...more

Business Litigation Reporter - February 2015

Goodwin Procter’s Business Litigation Reporter provides timely summaries of key cases and other developments within dedicated Business Litigation sessions and related courts throughout the country – courts within which...more

COSO and Internal Controls – Part III

This post continues my exploration of internal controls and how companies can demonstrate compliance with the internal controls requirement under the Foreign Corrupt Practices Act (FCPA) by adhering to the Committee of...more

CFIUS Practice Tips: How Investors Can Successfully Manage CFIUS Risks

In recent years, the Committee on Foreign Investment in the United States (CFIUS) has acted to thwart or constrain various foreign investments in U.S. businesses. However, other similar investments have been permitted to...more

Catching Up on the False Claims Act

From a corporate risk perspective, if your company is in the financial industry, healthcare, or defense industry, your greatest legal and compliance risk has to be the False Claims Act....more

Alert: Five Ways to Reduce Your HIPAA Liability

As of early December 2014, 1,170 security breaches under the Health Insurance Portability and Accountability Act (HIPAA) involving 31 million records had been reported to the U.S. Department of Health and Human Services (HHS)...more

Dealing with High Risk Data

When people think of high risk data, most think of Personal Health Information and Personally Identifiable Information as it relates to HIPAA and the health care industry, but Steve Shebest’s very informative article “High...more

Time To Apply A Risk-Based Approach To Information Security Training

Digital warfare seems to be the name of the game these days. Terrorists attack our database infrastructures and wreck havoc by making personal information public. Look at the most recent attacks on Sony, Chick-Fil-A and...more

161 Results
|
View per page
Page: of 7