Third-Party Data Breach

News & Analysis as of

SEC Charges Investment Adviser With Failure to Adopt Proper Cybersecurity Policies and Procedures

A registered investment adviser agreed to settle SEC charges that it failed to adopt adequate cybersecurity policies and procedures reasonably designed to protect customer records and information as required by Rule 30(a) of...more

SEC Announces Cybersecurity Enforcement Action

On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more

SEC Provides Additional Information On Cybersecurity Examinations

On September 15, 2015, the Security and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert to provide additional information on the areas of focus for its second round of...more

OCIE’s 2015 Cybersecurity Examination Initiative

Second Round of Cybersecurity Examinations to Begin - On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing a...more

Recent Enforcement Shows the Importance of Encrypting Mobile Devices Containing Protected Health Information

With headlines every day announcing another release of Protected Health Information (PHI), providers are asking themselves – is there a way to protect against these breaches? Beyond improving the security of large...more

SEC and DOJ Hacking Prosecutions Highlight SEC’s Increased Interest in Cybersecurity Risks

Companies are reminded of the need for strong internal controls. The US Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) recently filed civil and criminal actions in the largest hacking and...more

FCC Settles First Data Security Enforcement Action

On July 9, 2015, the Federal Communications Commission settled its first data security case with two related telecommunications carriers – TerraCom, Inc. and YourTel America, Inc. – for $3.5 million. The settlement resolves...more

Privacy Monday – July 2015

Welcome to the dog days of summer 2015. Three privacy & security bits and bytes to start your week (if you are reading this on vacation … good for you!) 1. ICYMI: Massive Data Breach at OPM Claims Victim — The Director...more

Privacy & Cybersecurity Update - April 2015

In This Issue: - DOJ Issues Cyber Preparation and Response Guidance - RadioShack’s Plan to Auction Customer Data Highlights Issues Over Treatment of Such Data as an Asset - Google v. Vidal-Hall and...more

The Evolving U.S. Cybersecurity Landscape: What Firms Want to Know

Following a year of high-profile data breaches, the Securities and Exchange Commission (SEC) announced on January 13, 2015 that, for the second consecutive year, its Office of Compliance Inspections and Examinations (OCIE)...more

California Attorney General Issues Privacy Guidelines for Websites

In the wake of numerous high-profile breaches of user privacy and complaints about sites that track the online activity of users, California Attorney General Kamala Harris has released a 28-page set of recommendations for how...more

Kentucky Enacts Data Breach Notification Laws

On April 10, 2014, Kentucky became the 47th state to enact data breach notification laws. The new Kentucky law applies to “Information Holder[s],” defined as a persons or business entities that conduct business in Kentucky,...more

Burr Alert: New HIPAA Rules Issued: “Sweeping” Changes For Healthcare Providers And Business Associates

On January 17, 2013, the Department of Health and Human Services (“HHS”) released its long awaited final HIPAA rule, which significantly expands certain obligations for healthcare providers and their business associates (the...more

Breaking Down The HIPAA Changes: Part 1 Of 5 What Covered Entities And Business Associates Need To Do To Comply With The Final...

In This Issue: - Brief Overview of Key Modifications in the Final Rule - Suggested Action Items for Compliance with the Final Rule ..Covered Entities ..Business Associates - Consequences of Noncompliance...more

HHS Overhaul of HIPAA: Summary of New Obligations for Covered Entities and Business Associates

On January 17, 2013, the Department of Health and Human Services (HHS) posted Modifications to the HIPAA Privacy, Security, Enforcement, and Breach Notification Rules [PDF] (the Final Rule) under the authority of the HITECH...more

15 Results
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:

Sign up to create your digest using LinkedIn*

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.