On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more
1/23/2025
/ Business Associates ,
Compliance ,
Critical Infrastructure Sectors ,
Cyber Threats ,
Cybersecurity ,
Data Protection ,
Data Security ,
Department of Health and Human Services (HHS) ,
Electronic Protected Health Information (ePHI) ,
Health Insurance Portability and Accountability Act (HIPAA) ,
HIPAA Security Rule ,
HITECH Act ,
Multi-Factor Authentication ,
OCR ,
PHI ,
Proposed Rules ,
Public Comment ,
Risk Management
On October 16, 2024, the New York Department of Financial Services (NYDFS) issued an industry letter entitled “Cybersecurity Risks Arising from Artificial Intelligence and Strategies to Combat Related Risks” in response to...more
11/4/2024
/ Artificial Intelligence ,
Covered Entities ,
Cyber Attacks ,
Cybersecurity ,
Data Management ,
Financial Services Industry ,
NYDFS ,
Risk Assessment ,
Risk Management ,
Social Engineering ,
Third-Party Risk
On May 15, 2024, the Securities and Exchange Commission (the “SEC”) adopted amendments to Regulation S-P. Originally passed in 2000, Regulation S-P regulates the treatment of non-public personal information of consumers by...more
6/5/2024
/ Broker-Dealer ,
Customer Information ,
Cybersecurity ,
Data Breach ,
Financial Institutions ,
Incident Response Plans ,
Investment Adviser ,
Personal Information ,
Recordkeeping Requirements ,
Registered Investment Companies (RICs) ,
Regulation S-P ,
Reporting Requirements ,
Securities and Exchange Commission (SEC)
On May 8, 2024, Paul Hastings hosted the Cybersecurity Law Workshop at this spring’s Privacy + Security Forum featuring a panel on cybersecurity insurance trends and insights. The panel was moderated by Paul Hastings’ David...more
On May 8, 2024, Paul Hastings Hosted the Cybersecurity Law Workshop at this spring’s Privacy + Security Forum with a panel on cybersecurity regulatory trends and recent developments. The panel was moderated by Paul Hastings...more
On May 8, 2024, Paul Hastings Hosted the Cybersecurity Law Workshop at this spring’s Privacy + Security Forum with a panel on perspectives from cybersecurity regulators. The panel was moderated by Paul Hastings Global Chair...more
Last week, Paul Hastings attended the Securities and Exchange Commission (SEC) Speaks 2024 event presented by the Practising Law Institute (PLI) in cooperation with the SEC on April 1 and 2. The SEC Speaks program provides...more
4/9/2024
/ Artificial Intelligence ,
Corporate Governance ,
Cyber Incident Reporting ,
Cyber Threats ,
Cybersecurity ,
Disclosure Requirements ,
Due Diligence ,
Form 10-K ,
Form 8-K ,
Information Technology ,
NASA ,
Reporting Requirements ,
Risk Management ,
Securities and Exchange Commission (SEC)
On March 27, 2024, the Cybersecurity & Infrastructure Security Agency (“CISA”) released proposed regulations requiring expansive new cybersecurity incident and ransomware payment reporting across sixteen “critical...more
4/2/2024
/ Critical Infrastructure Sectors ,
Cyber Attacks ,
Cyber Incident Reporting ,
Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) ,
Cybersecurity ,
Cybersecurity Information Sharing Act (CISA) ,
Data Breach ,
Data Security ,
Department of Defense (DOD) ,
DFARS ,
Federal Information Security Modernization Act (FISMA) ,
Healthcare ,
Information Technology ,
NERC ,
Popular ,
Proposed Regulation ,
Ransomware ,
Reporting Requirements ,
Water
On October 30, 2023, the Biden-Harris Administration unveiled a sweeping Executive Order on the Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence (AI). The Executive Order represents the most...more
11/1/2023
/ Artificial Intelligence ,
Biden Administration ,
Consumer Protection Laws ,
Critical Infrastructure Sectors ,
Cybersecurity ,
Directorate of Defense Trade Controls (DDTC) ,
Executive Orders ,
Healthcare ,
Immigration Procedures ,
National Security ,
NIST ,
Popular ,
Risk Management ,
U.S. Commerce Department
Paul Hastings attended the 2023 Global Privacy Summit (GPS) hosted by the International Association of Privacy Professionals (IAPP). Privacy professionals from all over the world gathered in Washington, D.C. to learn about...more
On March 15, 2023, the SEC issued proposed amendments and a proposed rule addressing cybersecurity. Specifically, the SEC proposed Rule 10, which addresses cybersecurity risks, and proposed to amend Regulation SCI and...more
3/30/2023
/ Cyber Incident Reporting ,
Cybersecurity ,
Incident Response Plans ,
MSRB ,
Notification Requirements ,
Policies and Procedures ,
Popular ,
Proposed Amendments ,
Recordkeeping Requirements ,
Regulation S-P ,
Securities and Exchange Commission (SEC)