News & Analysis as of

Blog: Hospital and Vendor Reach Agreement to Settle Alleged HIPAA Violations with Connecticut AG

Last week, the Connecticut Attorney General (the “Connecticut AG”) announced that Hartford Hospital and its subcontractor, EMC Corporation (“EMC”), agreed to settle potential violations of the Health Insurance Portability and...more

HIPAA Lessons from the Warner Chilcott Settlement

Last week, the US Attorney’s Office in Boston announced that drug company Warner Chilcott agreed to plead guilty to health care fraud and pay $125 million to resolve criminal and civil liability arising out of allegations...more

European Union and United States Agree in Principle on New Safe Harbor Framework

On Monday, October 26, European Union Justice Commissioner Vera Jourová delivered a speech before the European Parliament in which she noted that the European Union and the United States had agreed “in principle” on a new...more

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

The Four Cornerstones: Regulatory Focus Sharpens on Student Loan Servicing Industry

We have previously written about recent regulatory focus on the student loan servicing industry. In particular, we discussed the issuance of a 151-page report issued by the Consumer Financial Protection Bureau (CFPB) titled...more

Employee Health Information: Separate and Secure

There are several reasons an employer might have employee health information, ranging from the results of a pre-employment physical to the contents of a request for FMLA leave to what’s written in a health provider’s note...more

Director Cordray sends warning to vendors on TRID rule compliance

In remarks yesterday at the Mortgage Bankers Association’s annual convention, CFPB Director Richard Cordray stated that the CFPB may need to look more closely at vendors of software and other tools used by lenders to comply...more

Update from Wilson Elser’s D&O Insurance Digest

Litigation Developments and Mega Settlements - Dole Food, Inc. Derivative Action – Delaware Chancery Court Finds D&Os Engaged in Fraud - Dole Food, Inc. shareholders sued Dole Chairman and CEO David Murdock and Dole...more

SEC Cybersecurity Update

Results from the SEC’s First Round of Cybersecurity Examinations - On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and...more

Safe Harbor Update: Safe Harbor Sequel Coming Soon?

As we wrote on October 6, 2015, the Court of Justice of the European Union (CJEU) announced its invalidation of the U.S.-EU Safe Harbor program as a legally valid pathway for transferring personal data of European Union (EU)...more

The Compliance Space Race: Compliance is Entering a New Era of Competition and Innovation

Last week, GRC 20/20 announced its annual GRC Innovation Awards, which recognize GRC solutions that are revolutionizing the Governance, Risk Management and Compliance (GRC) market. Awards like this are critical because...more

SEC Announces Second Wave of Cyber Exams of Broker Dealers and Advisors – Is Your Firm Ready?

In April 2014, the Securities and Exchange Commission’s (“SEC”) Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert announcing its first cybersecurity sweep initiative. Pursuant to that initiative,...more

The “Other” Safe Harbor: OIG Warns Healthcare Providers and Vendors Against Information Blocking and Federal Anti-Kickback...

For those of us who work in the privacy and security space this past week has been a whirlwind with focus on the ramifications of the European Court of Justice (ECJ) decision invalidating the EU-U.S. Safe Harbor Agreement....more

SEE YOU IN COURT – October 2015

Bob Bombast, veteran member of the Nutmeg Board of Education, has been vocal in his opposition to state testing based on the Common Core State Standards. When Mr. Superintendent reported last month on the poor test results...more

School Districts to Undergo Cybersecurity Audit

Missouri Auditor Nicole Galloway recently announced plans to conduct cybersecurity audits of five school districts. Coinciding with National Cybersecurity Awareness Month, the audits are intended to reveal how school...more

Proactive Approach To Cybersecurity: Recent SEC guidance and enforcement actions suggest that reactive firms may be in the SEC’s...

In an environment where even the largest and most powerful corporations have fallen victim to data breaches, it can be challenging to fathom how to protect against the sophisticated and ever-evolving threat of cyber attacks....more

Data Breaches Are Not Academic: Colleges and Universities Should Take Appropriate Steps To Avoid or at Least Minimize Their...

Data breaches at colleges and universities are on the rise. These institutions are targets because their networks have access to a large amount of private information, including educational and medical records, as well as...more

Service, Vendor and Enterprise Agreements

Start ups want everything to go quickly, and the agreement that everyone seems to focus on to provide or obtain a service to and from another start up is the service agreement. Sometimes the agreement is referred to as a...more

Beyond the Clouds: Important Sales Tax Considerations for Web-Hosting Providers and Co-Location Facilities

Most people’s understanding of the Internet extends about as far as their eyes can see. In other words, they know that if they type a few words into the little white box beneath the colorful Google logo, within a fraction of...more

SEC Brings First Cybersecurity Enforcement Proceeding in Wake of Risk Alert

Highlights Areas of High Risk and Examination Priorities for Financial Industry Firms - On September 15, the U.S. Securities and Exchange Commission’s (SEC’s) Office of Compliance, Inspections and Examinations (OCIE),...more

Top Tips for Employers: Using Analytics to Make People Decisions

There is more data stored electronically now than ever before. This includes financial data, sales transactions, emails, instant messages, and employee activities, to name a few. Real value can be derived from analysis of...more

SEC Ramps up Cybersecurity Scrutiny With Examination Priorities and an Enforcement Action

Why it matters - Signaling that it will continue to increase its scrutiny of firms' cybersecurity readiness, the Office of Compliance, Inspections and Examinations of the Securities and Exchange Commission (SEC) issued a...more

SEC Steps Up Cybersecurity Enforcement

September has been a busy month for the SEC in addressing cybersecurity. In the span of a week, the SEC issued a new alert in connection with its cybersecurity examination of Wall Street firms, entered a Cease and Desist...more

OCIE Issues Cybersecurity Risk Alert and Exam Plans; Follows Up with Enforcement Action

The Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) recently released a Risk Alert containing its plan for a second round of cybersecurity examinations of registered...more

The New Paradigm in Vendor Management Under the CFPB

This past July marked the fifth anniversary of the creation of the Consumer Financial Protection Bureau (CFPB), a period marked by sweeping changes to the regulatory and administrative environment in which financial...more

119 Results
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.