News & Analysis as of

Audits Data Protection Cybersecurity

Dacheng

China Monthly Data Protection Update: March 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for March. The following events merit special attention...more

Ankura

Ensuring Data Security and Confidentiality During E-Discovery

Ankura on

In the high-stakes world of legal due diligence, the security and confidentiality of sensitive information are paramount. With the increasing volume of electronically stored information (ESI) and the complexity of modern...more

Sheppard Mullin Richter & Hampton LLP

California’s Privacy Regulator Had a Busy November, Cybersecurity Audits and Insurance Edition: What Does It Mean for Businesses?

In the fourth in our series of new CCPA regulations from California, we look at both cybersecurity audit obligations as well as the impact of the CCPA on the insurance industry. Cybersecurity Audits The proposed rules address...more

Brooks Pierce

OIG Recommends Changes to HIPAA Audit Program to Strengthen Data Protections, Implications for Regulated Entities

Brooks Pierce on

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is required by law to perform periodic audits of covered entities and business associates to ensure their compliance with HIPAA Security Rule...more

Clark Hill PLC

The Value of an Effective HIPAA Compliance Program Amid OCR HIPAA Audits

Clark Hill PLC on

In 2024, the U.S. Department of Health and Human Services Office of Civil Rights (“OCR”) Director Melanie Fontes Rainer announced that OCR will resume auditing Health Information Portability and Accountability Act (“HIPAA”)...more

Ankura

Operational Implications of the New Bulk Sensitive Data Executive Order

Ankura on

On February 28, 2024, President Biden signed Executive Order 14117 (the EO), on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern.” The United...more

Mitratech Holdings, Inc

Caution! Credential Stuffing on the Rise

If you have a tendency to reuse the same password across multiple accounts, you could be leaving yourself (and your organization) exposed to risk. Credential stuffing, the stealthy technique fueling a recent explosion of...more

Epstein Becker & Green

2024 Update: Regulators Use “Carrots and Sticks” to Incentivize Healthcare Sector Cybersecurity Compliance

Epstein Becker & Green on

Healthcare organizations continue to be prime targets of cyberattacks. It is well-established that cyberattacks can lead to financial loss, reputational damage, and, in some cases, risks to patient care and safety. The recent...more

Constangy, Brooks, Smith & Prophete, LLP

Take these steps to safeguard against third-party cyber threats

The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more

Jackson Lewis P.C.

Top 10 for 2024 – Happy Data Privacy Day!

Jackson Lewis P.C. on

To celebrate Data Privacy Day (January 28), we present our top ten data privacy and cybersecurity predictions for 2024. 1. AI regulations to protect data privacy. Automated decision-making tools, smart cameras, wearables,...more

Seyfarth Shaw LLP

CPPA Considers Next Set of CPRA Regulations Covering Cybersecurity Audits and Risk Assessments

Seyfarth Shaw LLP on

The California Privacy Protection Agency (“CPPA”) issued and discussed draft regulations on Cybersecurity Audits and Risk Assessments late in the summer. The CPPA Board plans to discuss the draft regulations at its upcoming...more

Benesch

Privacy Floodgates Open: 13 U.S. State Data Protection Bring About Major Changes

Benesch on

Global Privacy Controls, vendor management, sensitive personal information, and the use of Ad Tech; new U.S. state data protection laws introduce twists to traditional notions of American data protection law. In the U.S.,...more

Wiley Rein LLP

California Eyes New Privacy, Cyber, and AI Obligations

Wiley Rein LLP on

California continues to forge ahead on potential new privacy, cybersecurity, and artificial intelligence (AI) obligations, including through its California Consumer Privacy Act (CCPA) rulemaking process and by launching a new...more

Epstein Becker & Green

California Privacy Protection Agency Public Board Meeting Sheds Light on Upcoming Risk Assessment and Cybersecurity Audit...

Epstein Becker & Green on

The five-member Board of the California Privacy Protection Agency (the “CPPA”) held a public meeting on September 8, 2023, to discuss a range of topics, most notably, draft regulations relating to risk assessments and...more

Robinson+Cole Data Privacy + Security Insider

AI and Audits: Proposed CCPA Regulations Up for Discussion

On September 8, 2023, the California Privacy Protection Agency (CPPA) will discuss the two new sets of proposed California Privacy Protection Act (CCPA) regulations. Here is a breakdown of the two new proposed regulations and...more

Wyrick Robbins Yates & Ponton LLP

Déjà Vu All Over Again: The CPPA Releases Draft Regulations on Cybersecurity Audits and Risk Assessments (Part 1 of 2)

On August 29, 2023, the California Privacy Protection Agency (“CPPA”) released a set of draft regulations on cybersecurity audits and risk assessments. For those who recall the multiple rounds of the CPPA’s draft CCPA...more

Health Care Compliance Association (HCCA)

[Event] 2024 Managed Care Compliance Conference - January 29th - 30th, Coronado, CA

Explore the unique issues that are pertinent to managed care professionals! This annual event dedicated to compliance management for health plan providers is returning to an in-person format for 2024. Join your peers and...more

Husch Blackwell LLP

CPPA Releases Draft Regulations on Risk Assessments and Cybersecurity Audits

Husch Blackwell LLP on

Keypoint: Although they are only draft regulations and not part of the formal rulemaking process, the drafts demonstrate the Agency’s intent to create extensive obligations for businesses subject to these regulations. In...more

Bradley Arant Boult Cummings LLP

DoDIG Audit of Controlled Unclassified Information (CUI) Program: Findings and Next Steps for Contractors

The Department of Defense Inspector General (DoDIG) recently released its “Audit of the DoD’s Implementation and Oversight of the Controlled Unclassified Information [CUI] Program” (DODIG-2023-078). The audit highlights some...more

Benesch

Privacy Points 2023: New State Laws Introduce New Audit and Internal Review Requirements for Personal Information Collection and...

Benesch on

Some states will affirmatively require annual audits of a business’s data collection and processing practices and—in some cases—to submit those audits to state regulators. With new US state data protection laws taking...more

Bass, Berry & Sims PLC

CPRA Draft Regulations – Next Round(s)

Bass, Berry & Sims PLC on

It has been a bustling fall for the California Privacy Protection Agency (CPPA or Agency). In the spirit of the upcoming holiday season, the Agency gifted us not one but two rounds of proposed modifications to the regulations...more

HaystackID

[Webcast Transcript] CFIUS Compliance: Your Approach May Be A Matter of National Security

HaystackID on

Editor’s Note: On July 27, 2022, HaystackID shared an educational webcast on the topic of Committee on Foreign Investment in the United States (CFIUS) compliance. CFIUS is a U.S. government interagency committee with the...more

Ankura

Implementing the Sedona Conference on Information Governance: Principles 4-6

Ankura on

The Sedona Conference is a widely known institute that is focused on the study of law and policy in many areas including Information Governance (IG). The Sedona Conference Commentary on Information Governance provides 11 IG...more

ArentFox Schiff

Privacy Report: FTC Warns Companies to Remediate Log4j Security Vulnerability

ArentFox Schiff on

FTC Warns Companies to Remediate Log4j Security Vulnerability - Log4j is a ubiquitous piece of software used to record activities in a wide range of systems found in consumer-facing products and services. Recently, a...more

Pillsbury Winthrop Shaw Pittman LLP

DOL Ups Its Game on Cybersecurity Program Oversight, Begins Audit Initiative

In light of a new DOL audit initiative and increasing cybersecurity threats to ERISA benefit plans, ERISA plan sponsors and fiduciaries should be prepared to answer some important questions: Do the cybersecurity programs of...more

44 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide