Michael Slipsky on Risk Management

New York Fires First Salvo Under Cybersecurity Law

The New York Department of Financial Services (NYDFS) has launched its first enforcement action under New York’s Cybersecurity law for financial services, so-called Part 500. Part 500 requires NYDFS licensed institutions to...more

9/23/2020 / Banking Sector , Chief Information Security Officer (CISO) , Cybersecurity , Cybersecurity Framework , Data Protection , Financial Institutions , Financial Services Industry , Information Technology , Insurance Industry , NYDFS , Personally Identifiable Information , Popular , Risk Assessment , Risk Management

Cybersecurity and Incident Response In A Time of Coronavirus

We enjoy Jerry Bruckheimer movies. Living in one is another matter. COVID-19 has generated scenes that give us pause. An empty Times Square. A Los Angeles with moving traffic. A Washington eerie in its silence. Closed stores....more

5/14/2020 / Coronavirus/COVID-19 , Cybersecurity , Data Protection , Remote Working , Risk Management , Telecommuting

Ten Things To Know About North Carolina's Data Protection Bill

As Congress continues to wrestle with federal privacy legislation, the states have been lining up alternative proposals. North Carolina has introduced its own bipartisan bill. The bill, H.B 904, will not pass this year. Even...more

6/19/2019 / Cybersecurity , Data Breach , Data Protection , Legislative Agendas , Personally Identifiable Information , Proposed Legislation , Risk Management , State and Local Government , State Data Breach Notification Statutes

Five Frequently Overlooked Mistakes in HIPAA Compliance

HIPAA was enacted in 1996. In the years since, most healthcare entities have adapted to the major requirements imposed by HIPAA, HITECH, and the Privacy and Security Rules. Nevertheless, the thicket of regulations still...more

7/24/2018 / Business Associates , Covered Entities , Data Protection , Data Security , Health Insurance Portability and Accountability Act (HIPAA) , Patient Privacy Rights , PHI , Risk Assessment , Risk Management

A Bipartisan Proposal to Beef Up North Carolina's Identity Theft Protection Act

Data privacy regulation tends to take one of two general approaches. In most of the world—but not in the United States—the approach is usually characterized as “omnibus.” Under an omnibus regime, privacy rights are defined at...more

5/31/2018 / Data Privacy , Health Insurance Portability and Accountability Act (HIPAA) , Identity Theft , Personally Identifiable Information , Proposed Legislation , Risk Management , State Data Breach Notification Statutes

Lessons from the Equifax Breach

As data breaches go, they don’t get much bigger than this. On Thursday, September 7, credit reporting giant, Equifax, reported that it had suffered a cyber-incident. 143 million consumer records, including names, birth dates,...more

9/19/2017 / Cloud Storage , Cyber Attacks , Cybersecurity , Data Breach , Equifax , Personally Identifiable Information , Risk Management

The WannaCry Affair - Three Cyberinsurance Related Tips for Clients

As we have previously noted, a recent ransomware attack crippled over 75,000 computers in over 100 countries. The “WannaCry” appears to be the largest Ransomware attack to date. However, cyber-experts are already warning of a...more

5/18/2017 / Cyber Attacks , Cyber Insurance , Ransomware , Risk Management

Ten Common Problems That Plague Privacy Policies

In my software consulting years, it was remarkably routine for clients to concede that they had never read their own procedures and documents. While it lent itself to amusing anecdotes like the database administrator who...more

9/1/2016 / Employer Liability Issues , Privacy Policy , Risk Assessment , Risk Management

Michael Slipsky

Poyner Spruill LLP

Popular Topics by This Author

Latest Posts › Risk Management