Innovation in Compliance - Improving Third - Party Risk Management with Paul Valente
The “Catch-22” of Preference Law
Gerry Blass on Healthcare Vendor Risk Management
Cyberside Chats: Would you bury your driver's license? (with Whitney McCollum)
Matt Silverman on Export Compliance
Thobekile Cynthia Khumalo on Third Party Due Diligence
Sitting with the C-Suite: Blending eDiscovery Vendors and Law Firms
Ledgers and Law: Real-World Planning for Cyber Attacks
Education Data Privacy and Security Laws: Best Practices for School Districts
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
Lessons for Health, Beauty & Wellness Companies [Part 2]: What Options Exist for a Vendor During Bankruptcy
Lessons for Health, Beauty & Wellness Companies: What to do When Your Buyer is in Financial Distress
Sitting with the C-Suite: How Should In-House Counsel Evaluate eDiscovery Service?
Strategies for Restaurant Owners to Survive in the New Normal
Compliance Perspectives: Supply Chain Compliance Challenges
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Compliance Perspectives: Supply Chains, Human Trafficking and Modern Slavery
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
PODCAST: Williams Mullen GovCon Perspectives - Recent Updates to the SWaM Certification Process in Virginia
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
Every spring, BakerHostetler collects, analyzes, and compares key metrics on the incident response matters we handled in the prior year. The output – our Data Security Incident Response (DSIR) Report – highlights key findings...more
Research shows that the average business shares its data with over 730 different vendors. It’s hard enough to mitigate risk within your own organization—how do you mitigate risk from more than 730 external entities?...more
On February 28, 2024, President Biden signed Executive Order 14117 (the EO), on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The United...more
Partner Janine Anthony Bowen explores data-related issues in technology contracts in the age of GenAI....more
As supply chains have become more digitized and interconnected, they have also become more vulnerable to a range of cyber threats. These threats not only pose risks to the direct operations of companies but also to the...more
In an increasingly digitized world, law firms are prime targets for sophisticated cyber threats that can result in substantial financial losses and reputational damage. Recently, a prominent law firm, esteemed for its...more
The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more
For healthcare providers and health systems covered by the privacy and security regulations under the Health Insurance Portability and Accountability Act (HIPAA), a breach of unsecured protected health information (PHI)...more
Elevate your resilience in the new year by understanding top GRC trends, patterns, and best practices across AI, TPRM, cyber risk, and more. As we step into 2024, technological advancements and an increasingly connected —...more
Reflection and anticipation—these words are especially resonant at this time of year. While we look back at the accomplishments and progress made in the last year, it’s important to prepare for the year ahead by identifying...more
Learning Objectives - Data privacy compliance requires the use of privacy impact assessments and data transfer assessments - What about the value of other assessments like privacy by design, online safety, AI risk,...more
SCCE’s four-day Compliance & Ethics Essentials Workshop provides comprehensive education on the core elements of a compliance program. The curriculum is ideal for those new to or with little experience in compliance, as well...more
Explore the unique issues that are pertinent to managed care professionals! This annual event dedicated to compliance management for health plan providers is returning to an in-person format for 2024. Join your peers and...more
Financial services companies beware: the new state privacy laws exemption are not uniform. To recap, there are privacy laws in 12 states: California, Colorado, Connecticut, Florida, Indiana, Iowa, Montana, Oregon, Tennessee,...more
Interact is BACK and coming to you live this October from the historic French Quarter of New Orleans! Last year’s event may have been named a finalist for Engage Media's 2022 "Best Brand Experience,” but this year, we’re...more
Cyberattacks continue to rise, increasing the need for robust data security. Global weekly attacks rose by 7% during the first quarter of 2023, versus the same quarter last year. Each organization is estimated to face on...more
Over the last several years several companies, including Marriott, Yahoo and Volkswagen, have been victimized by hackers breaking into a company’s computer network. In some cases, they have put confidential information on the...more
The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more
Yesterday, New York’s Department of Financial Services (“DFS”) announced another enforcement action under the state’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (“Reg 500”). According...more
In our last newsletter, we discussed due diligence as it relates to selection of vendors. The second part of that exercise is to negotiate your agreement with the vendor to properly manage any risks you identified. In this...more
The Securities and Exchange Commission (SEC) proposes to amend Regulation Systems Compliance and Integrity (Reg SCI) to update and expand the regulatory oversight of the core technology of the U.S. securities markets.1 The...more
Tech Vendors and Cybersecurity – Are They Responsible? It has long been recommended that when you contract with a technology vendor that you include an indemnity clause in the contract wherein the vendor will indemnify you...more