Greg Walters is an attorney in the Cyber Risk and Governance Branch at the SEC. But in this podcast he’s not speaking as an enforcer but as someone who has seen a lot of compliance training during his career as a government...more
In 2023 the US Securities and Exchange Commission adopted rules “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their...more
ISO 27001 is the leading standard for information security management systems. As Mel Blackmore, CEO of UK-based Blackmores explains, it is a framework that applies and is of value regardless of an organization’s size, sector...more
here’s no General Data Protection Regulation (GDPR) in the US. Absent a comprehensive, national privacy law, states have stepped in to fill the gap.
As Adam Greene, Partner at Davis Wright Tremaine, explains in this podcast,...more
At the 2024 SCCE European Compliance & Ethics Institute, Segev Shani, Chief Compliance & Regulatory Officer at Neopharm Group will be leading the session “Corporate Use of Third-Party Artificial Intelligence (AI) Tools.”
In...more
Economic espionage sounds more like the stuff of a spy thriller than a day-to-day concern for business. Not so, as it turns out. To learn more we sat down with the FBI’s Counterintelligence Division Unit Chief Matthew Charles...more
While many of the world’s governments are struggling to determine what to do about AI, Brazil already has a track history in this area. As Maria Victoria Mota, Corporate Attorney at Viapol (a subsidiary of RPM), explains in...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
4/21/2022
/ Cybersecurity ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Healthcare Workers ,
HIPAA Privacy Rule ,
HIPAA Security Rule ,
Home Offices ,
Mobile Device Management ,
Multi-Factor Authentication ,
Network Security ,
Passwords ,
Personally Identifiable Information ,
PHI ,
Phishing Scams ,
Policies and Procedures ,
Remote Working ,
Risk Management ,
Risk Mitigation ,
Telehealth ,
Videoconference
Matt Kelly, Editor & CEO of Radical Compliance makes a strong case in this podcast for a need to reassess cyber risk. It is becoming, he says, less of a technical issue and more about how companies interact with others: ...more
While organizations have increasingly embraced cloud computing as a solution to their data management and other needs, they do so in an environment of heightened risks. Attacks on cloud providers are increasing, which makes...more
9/23/2021
/ Cloud Computing ,
Cloud Service Providers (CSPs) ,
Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Management ,
Data Privacy ,
Data Protection ,
Data Security ,
Risk Management ,
Third-Party Risk
Liverpool-based Jenny Radcliffe, who leads Human Factor Security, is not your typical hacker, clad in a black hoodie and working out of basement. Rather than spending her time hunched over a keyboard, she seeks to hack...more
7/22/2021
/ Bad Actors ,
Cyber Attacks ,
Cyber Crimes ,
Cybersecurity ,
Data Breach ,
Data Security ,
Hackers ,
Phishing Scams ,
Popular ,
Stress Tests ,
Threat Management
Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more
7/15/2021
/ Business Associates ,
Compliance ,
Cyber Attacks ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Hackers ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Hospitals ,
PHI ,
Physicians ,
Popular ,
Ransomware ,
Risk Mitigation
When a data breach occurs, one step is often overlooked in the rush to remediate: preserving as much of the data logs and backups as possible That’s a mistake, say Debra Geroux, Shareholder at Butzel Long and Scott Wrobel,...more
6/10/2021
/ Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Insurance ,
Cybersecurity ,
Data Breach ,
Data Security ,
Hackers ,
Health Care Providers ,
Incident Response Plans ,
Phishing Scams ,
Security Risk Assessments
America’s data is under attack. Solar Winds and other recent headline-grabbing stories have demonstrated that foreign adversaries are eager to hack into computer systems for a wide range of purposes.
The US Department of...more
6/3/2021
/ Certification Requirements ,
Chief Information Officers (CIO) ,
Chief Information Security Officer (CISO) ,
Controlled Unclassified Information (CUI) ,
Corporate Governance ,
Cyber Attacks ,
Cyber Threats ,
Cybersecurity ,
Cybersecurity Maturity Model Certification (CMMC) ,
Data Breach ,
Data Security ,
Defense Sector ,
Department of Defense (DOD) ,
Federal Contractors ,
Policies and Procedures ,
Supply Chain
Privacy continues to be a challenging issue for healthcare providers. Chrissy Kyak, Compliance & Privacy Officer for Medstar Georgetown University Hospital, MedStar Montgomery Medical Center and MedStar Health Research...more
3/4/2021
/ Chief Compliance Officers ,
Chief Privacy Officer ,
Compliance ,
Coronavirus/COVID-19 ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
Health Care Providers ,
Infectious Diseases ,
Patient Privacy Rights ,
PHI ,
Physicians
Recently the Health Care Compliance Association released the new Health Care Privacy Handbook, 3rd Edition.
https://www.hcca-info.org/health-care-privacy-handbook
To learn what’s new in the book and in healthcare privacy...more
12/22/2020
/ Chief Compliance Officers ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Electronic Protected Health Information (ePHI) ,
FERPA ,
Health Care Providers ,
Health Insurance Portability and Accountability Act (HIPAA) ,
Health Plan Sponsors ,
HIPAA Breach ,
HIPAA Breach Notification Rule ,
HIPAA Security Rule ,
Medical Records ,
Patient Privacy Rights ,
PHI ,
Privacy Act of 1974
Staying on top of what’s new in data privacy is tough. As Robert Bond, Partner and Notary Public at the UK-based law firm Bristows explains, over 100 countries have drafted or implemented new data privacy laws in 2019.
To...more
9/3/2020
/ California Consumer Privacy Act (CCPA) ,
Compliance ,
Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Protection ,
Data Security ,
Data Subjects Rights ,
General Data Protection Regulation (GDPR) ,
International Data Transfers ,
Personally Identifiable Information ,
Privacy Laws ,
Third-Party Risk
It’s tough complying with data privacy laws. You spend gazillions of dollars complying with GDPR, and then you have to spend a bunch more in response to the California Consumer Privacy Act (CCPA). Job done, right?
Not...more
5/7/2020
/ Consumer Privacy Rights ,
Cybersecurity ,
Data Collection ,
Data Privacy ,
Data Processors ,
Data Protection ,
Data Retention ,
Data Security ,
Data Storage ,
Data Subjects Rights ,
Personally Identifiable Information ,
Privacy Laws
When responding to COVID-19, it’s important to both scrub your hands and also scrub your data practices.
As Jonathan Armstrong, partner at Cordery Compliance explains in this podcast, organizations – and not just those based...more
Supply chains are emerging as an increasingly complex risk area for compliance. The risk includes trade compliance, vendor management issues associated with cyber/privacy, product compliance, REACH, ROHS and California...more
2/6/2020
/ Compliance ,
Corporate Social Responsibility ,
Cybersecurity ,
Data Privacy ,
Exports ,
Imports ,
Popular ,
Risk Management ,
Supply Chain ,
Trade Policy ,
Transparency ,
Vendors
Mark Lanterman, Chief Technology Officer of Computer Forensic Services lives technology at its most terrifying, helping organizations manage the risks of the IT we all use constantly.
Recently he authored an article...more
1/7/2020
/ Business Strategies ,
Chief Compliance Officers ,
Compliance ,
Crisis Management ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cybersecurity ,
Data Breach ,
Data Privacy ,
Data Protection ,
Data Security ,
Incident Response Plans ,
Information Technology ,
Passwords ,
Policies and Procedures ,
Public Relations ,
Risk Management ,
Risk Mitigation