Innovation in Compliance - Improving Third - Party Risk Management with Paul Valente
The “Catch-22” of Preference Law
Gerry Blass on Healthcare Vendor Risk Management
Cyberside Chats: Would you bury your driver's license? (with Whitney McCollum)
Matt Silverman on Export Compliance
Thobekile Cynthia Khumalo on Third Party Due Diligence
Sitting with the C-Suite: Blending eDiscovery Vendors and Law Firms
Ledgers and Law: Real-World Planning for Cyber Attacks
Education Data Privacy and Security Laws: Best Practices for School Districts
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
Lessons for Health, Beauty & Wellness Companies [Part 2]: What Options Exist for a Vendor During Bankruptcy
Lessons for Health, Beauty & Wellness Companies: What to do When Your Buyer is in Financial Distress
Sitting with the C-Suite: How Should In-House Counsel Evaluate eDiscovery Service?
Strategies for Restaurant Owners to Survive in the New Normal
Compliance Perspectives: Supply Chain Compliance Challenges
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Compliance Perspectives: Supply Chains, Human Trafficking and Modern Slavery
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
PODCAST: Williams Mullen GovCon Perspectives - Recent Updates to the SWaM Certification Process in Virginia
Join us for a webinar on basic cyber information regarding data protection, data privacy, cybersecurity requirements PII and Sensitive PII, cybersecurity requirements for Third Party vendors, Cyber insurance in the age of...more
Pennsylvania Governor Tom Wolf announced this week that the Commonwealth will not continue to do business with its contact tracing vendor following a security incident that potentially exposed the personal information of...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
On December 15, 2020, the FTC announced a proposed settlement with Ascension Data & Analytics, LLC, a mortgage industry analytics company, related to alleged violations of the Gramm-Leach-Bliley Act’s (GLBA) Safeguards Rule....more
As one of the largest information technology service providers to local governments, the cyber-attack on Tyler Technologies (Tyler) in Plano, Texas is a sobering reminder of how a cyber-attack on a third-party vendor can put...more
Data breaches are a hot topic and will undoubtedly get even hotter. Cybersecurity for your own enterprise isn’t enough — you must evaluate your vendors and determine if they’re prepared to resist cyberattacks. ...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
The California Consumer Privacy Act (CCPA) requires businesses who engage in “sales” of “personal information,” to offer consumers the right to opt out of such sales via a “Do Not Sell My Personal Information” link or button...more
January 1, 2020, opens both a new decade and a new landscape in privacy regulation in the United States. On that day, the California Consumer Privacy Act, or CCPA, is set to become effective. The law will be the first of its...more
No. In order to be considered a “service provider” for the purposes of the CCPA, a vendor must be bound by a written contract that prohibits it from...more
Not to say, I told you so, but around the same time that the Capital One data breach occurred, I was reminding clients that nearly half of all significant data breaches or cyber-incidents occur because of internal actors. ...more
In another example of a data breach allegedly caused by a vendor, Choice Hotels is contacting approximately 700,000 of its customers regarding a data breach caused by a third-party vendor that “copied the impacted data from...more
Maryland has amended its breach notification law to require businesses that maintain data, not just those that own or license the data, to conduct “a reasonable and prompt investigation” into whether personal information has...more
It’s been a tough week for the healthcare industry. Just days after Quest Diagnostics reported a breach at a third-party vendor affecting approximately 11.9 million of its patients, LabCorp disclosed that a breach at the...more
Don’t wait to implement your California Consumer Privacy Act (CCPA) compliance as it could require changes to your operations. CCPA can apply to businesses even if they do not have offices or employees in California. It can...more
• The SEC released a Risk Alert summarizing key areas in which it continues to see compliance deficiencies related to Regulation S-P, the primary SEC rule regarding privacy notices and safeguard policies of investment...more
• The Office of the California Attorney General (AG) held the final public forum on the California Consumer Privacy Act on March 5, 2019. • Commentators were sophisticated in their understanding of the law and all...more
According to reports, bank customers in Australia (yes, data breach notification requirements exist down under) have been affected by “an industry-wide” data breach experienced by a third-party service provider to the banks –...more
Data privacy and security legislation and enforcement saw significant activity in 2018 and early 2019. McDermott’s 2018 Digital Health Year in Review: Focus on Data report – the first in a four-part series – highlights...more
A Florida staffing agency which provides physicians to hospitals and nursing homes, has agreed to a $500,000 settlement with the U.S. Department of Health and Human Services, Office for Civil Rights. The settlement comes...more
After several years of cyberattacks, you may be lulled into thinking large, sophisticated companies have now employed adequate safeguards to prevent disclosure of your confidential information. Don’t be so sure. Earlier this...more
With California enacting a sweeping new data privacy law on June 28, now is the time for companies to review and adjust to how the California Consumer Privacy Act will impact their business. The act, which has broad...more
What You Need to Know Now - • The new law takes effect January 1, 2020, but there’s a lot to do so you need to start work now. • The new law expands the definition of personal information and gives California consumers...more
On February 12, 2018, the Commodity Futures Trading Commission (CFTC) settled charges against AMP Global Clearing LLC (AMP), a futures commission merchant (FCM), for the company’s failure to adequately supervise one of its IT...more