Third-Party Service Provider

News & Analysis as of

Vendor Causes Breach of Over 5,000 Patient Records

The continued risk that vendors pose to companies, including health care entities cannot be overemphasized. This week, Sentara Healthcare (Sentara) announced that one of its third-party vendors was the victim of a...more

FBI Is Focused On Professional Service Providers

James C. Barnacle, Chief of the Money Laundering Unit in the Financial Crimes Section, Criminal Investigation Division, of the FBI recently stated that there is a RENEWED emphasis on investigations targeting “ money...more

NY DFS Proposed Cybersecurity Regulations Revised and Implementation Delayed

We previously reported on the New York Department of Financial Services’ proposed cybersecurity regulations. During the public comment period, the DFS received over 150 comments. In response, the DFS announced on December 28,...more

U.S. Military Special Operations Command Workers’ Data Exposed by Vendor

Military personnel continue to be victimized by data breaches. This time, the personal information of healthcare workers employed by Potomac Healthcare Solutions (Potomac), who work for a U.S. Special Operations Command were...more

A Cloud on the Horizon? Attorneys’ Obligations when Using a Third-Party’s Cloud-Based Services

When we think of clouds, we likely picture cumulus, stratus, and cirrus ones, not the type of “cloud” that holds data and software. The latter type of cloud is generally controlled by a third-party service provider and is...more

Passive Debt Buyer May Delegate Dispute Communications to Third Party

A New York District Court recently addressed the issue of whether the FDCPA requires passive debt buyers to personally register disputes or whether they can delegate that obligation to their third party debt...more

CFPB Seeks Feedback on Proposed Third Party Debt Collection Rules

Editor’s Note: On November 3, 2016, Smith Debnam’s Jerry Myers attended a meeting with the CFPB to discuss the proposed rules for third party debt collection. Below, he shares his thoughts from the meeting....more

New York State Revises “First-In-Nation” Cybersecurity Rules

The New York Department of Financial Services (“DFS”) recently issued a revised version of the cybersecurity rules that it first announced in the fall of last year. The rules apply to a wide range of insurance, banking, and...more

Cybersecurity and Data Privacy: Proposed New York State Regulations Updated, Implementation Delayed (1/17)

On September 16, 2016 we informed you of new proposed cybersecurity regulations that would cover all entities regulated by the New York State Department of Financial Services (DFS). On December 28, 2016, DFS released...more

New York State Department of Financial Services Modifies Proposed Cybersecurity Regulations and Pushes Implementation Date Back to...

On Dec. 28, 2016, the New York State Department of Financial Services (NYDFS) published a revised version of its “Cybersecurity Requirements for Financial Services Companies” (the “Regulations”). The revised Regulations...more

New York Department of Financial Services Revises Cybersecurity Proposal: Greater Flexibility and Delayed Compliance Deadlines

As we previously reported, in December 2016 the New York Department of Financial Services (the “DFS”) announced that it was revising its proposed regulation that would require banks, insurance companies and other financial...more

5 Information Governance Predictions for 2017

Information is every organization’s greatest asset. It makes up intellectual property, trade secrets and many other vital corporate assets. It’s how we in corporate America conduct business. With that said, governing and...more

New York Department of Financial Services Issues Revised Cybersecurity Regulations

With the clock ticking down to the new year, on December 28, 2016, the New York State Department of Financial Services (NYDFS) released highly anticipated revisions to its proposed Cybersecurity Requirements for Financial...more

NYDFS Revises Cybersecurity Regulation, Extends Effective Date to March 1, 2017

The New York Department of Financial Services (NYDFS) announced today a revised regulation that will require all institutions subject to NYDFS supervision to establish and maintain a cybersecurity program meeting "certain...more

Enhanced Cyber Risk Management Standards Announced in Joint Rulemaking Initiative by Treasury, Federal Reserve, and FDIC

On October 19, 2016, the three major federal banking regulators announced a joint advance notice of proposed rulemaking (ANPR) for enhanced cyber risk management standards (Enhanced Standards) for large and interconnected...more

Good Marketing Can’t Mask Poor Customer Service

I’ve always been vocal about the need for a service provider to have good marketing if they really want to get ahead in the retirement plan business. While marketing is a great tool, what good marketing won’t do is hide poor...more

Shareholders Derivative Suit Filed against Wendy’s for Data Breach

Continuing the trend of filing a shareholders derivative suit following a data breach, a Wendy’s shareholder recently filed a derivative suit against Wendy’s executives and board members alleging they did not adequately...more

Financial Industry Groups Criticize New York Department of Financial Services Cybersecurity Proposal

As we previously reported, in September 2016 the New York Department of Financial Services (the “DFS”) proposed a regulation that would require banks, insurance companies and other financial services institutions regulated by...more

"The New UK Corporate Offence of 'Failure to Prevent the Facilitation of Tax Evasion': Implications for Fund Managers and...

The U.K. government expands its crackdown on tax evaders and the persons who assist them, by targeting businesses who fail to prevent tax evasion....more

Private Right of Action under CASL coming July 2017

Canada’s Anti-Spam Law came into force on July 1, 2014. Since then, all eyes have been on the Canadian Radio-television and Telecommunications Commission (CRTC) for decisions concerning CASL violations. In the cases made...more

Who Owns a Noise – Should Data Collected in a Public Space by a Private Company be Generally Accessible to the Public?

While law enforcement have access to new technology owned by third parties that assist them with protecting the public, questions arise as to who should own the data gathered by that technology. Sometimes, it is the...more

The TPA Asset Based Fee is a dinosaur

I have a good friend of mine that I’ve known for the last 18 years and he’s one of the most honest people in the 401(k) business and I love him even though he roots for the New York Islanders. He works for a third party...more

"Privacy & Cybersecurity Update - November 2016"

In this month's Privacy & Cybersecurity Update, we review an 11th Circuit case involving the longstanding battle between the FTC and medical company LabMD, recent NIST guidelines for securing devices connected to the...more

California Amends RMLA: Federal Agency Approval Not Required For Processing and Underwriting Companies

Effective January 1, 2017, the definition of lender under the California Residential Mortgage Lending Act (RMLA) will be amended to include third-party processors and/or underwriters who do not solicit loan applicants,...more

Third-Party Risk Programs Should Focus on Offense, not Defense

Just 43 percent of organizations surveyed in NAVEX Global’s 2016 Ethics & Compliance Third Party Risk Management Report said they evaluated third parties before engaging with them—down from 68 percent in 2015....more

320 Results
|
View per page
Page: of 13
Popular Topics

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.

Already signed up? Log in here

*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.
×