News & Analysis as of

Compliance Data Breach

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to individual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs.
Ankura

Expert Insights on Resolving Common Cloud Computing Disputes

In today's business landscape, cloud computing is an essential component for scalability, cost-efficiency, and operational agility. However, as dependence on cloud services grows, disputes are becoming increasingly frequent....

Epiq

Cyber Incidents on the Rise: Tips for Effective Data Breach Notification

Cyber incidents have been growing at an exponential rate in recent years. A recent report from the Identity Theft Resource Center found that there were over one billion data breach victims in Q2 of 2024, which is around five...

DLA Piper

First PDPA Enforcement in Thailand: A Landmark Case

On August 21, 2024, the second expert committee appointed under the Thai Personal Data Protection Act (PDPA) of 2019, issued an administrative fine to a major private company involved in online sales. The company allowed a...

Patterson Belknap Webb & Tyler LLP

SEC Settlement: Cybersecurity Internal Controls

On June 18, 2024, the Securities and Exchange Commission (“SEC”) announced a $2.1 million civil penalty settlement of charges against R.R. Donnelley & Sons (“RRD”), a global provider of business communications services and...

Thomas Fox - Compliance Evangelist

Navigating the New Frontier: SEC’s Enforcement Action on RR Donnelley and its Implications for Compliance

In the ever-evolving compliance landscape, the recent enforcement action by the Securities and Exchange Commission (SEC) against RR Donnelley is a significant case study. This incident underscores the importance of robust...

The Volkov Law Group

SEC Expands Internal Controls Provision to Cover Cybersecurity Incidents and Reaches $2.1 Million Settlement with R.R. Donnelley &...

In a significant expansion of internal controls enforcement, the SEC announced a $2.1 million settlement with R.R. Donnelley & Sons Co. (“RRD”) for its handling of a 2021 ransomware attack and resulting disclosure failures. ...

Katten Muchin Rosenman LLP

New Rules for Investment Advisers and Brokers Relating to Cybersecurity Breaches

On May 16, the Securities and Exchange Commission (SEC) unanimously approved amendments to Regulation S-P, which imposes new rules relating to cybersecurity breaches involving investment advisers and brokers. Larger entities...

Epiq

The Rise of ADA and Data Breach Class Actions

Class action lawsuits have been on a record-setting upward trend in recent years and they aren’t showing any signs of slowing. According to the Duane Morris Class Action Review 2024, settlement numbers reached unprecedented...

SEC Compliance Consultants, Inc. (SEC³)

Regulatory Roundup for May 2024

SEC DROPS NEW REQUIREMENT FOR INCIDENT RESPONSE PROGRAMS, PROPOSAL FOR RIAS TO ADOPT CIP, SEC EXAMS SHARES MARKETING RULE FAILURES, RIA SLAMMED FOR FAILING TO RETAIN TEXTS, AND SEC WINS ON SHADOW TRADING THEORY - Welcome to...

HaystackID

New Cyber Regulations Define Battle Lines in Corporate and Infrastructure Security

Amidst an ever-evolving cyber threat landscape, a recent slew of regulatory updates and cybersecurity standards are defining a new battlefront for securing critical infrastructure and corporate data across varying sectors....

PilieroMazza PLLC

Coming Soon! CISA’s Proposed Rule on Government-wide Cybersecurity Reporting Requirements for Contractors

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...

Rumberger | Kirk

Understanding How Generative AI Can Affect Your Business' Data Privacy And Ownership Is Crucial

“In assessing a generative AI product, it is critical to understand issues of data ownership and privacy. This cumbersome task is necessary to learn how the AI platform will use data, if the data shared is entering an open or...

WilmerHale

8 Questions To Ask Before Final CISA Breach Reporting Rule

On April 4, the Cybersecurity and Infrastructure Security Agency published a notice of proposed rulemaking setting out mandatory reporting requirements for covered entities that experience cybersecurity incidents or make...

Fenwick & West LLP

Cyber Resilience After the Change Healthcare Breach

More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...

International Lawyers Network

Data Privacy Guide - Brazil

Introduction - The Brazilian General Data Protection Law (“LGPD”), enacted in 2018 and enforced since 2020, serves as the cornerstone of the country's data protection framework. Its primary objective is to ensure the...

Society of Corporate Compliance and Ethics...

[Event] Regional Compliance & Ethics Conference - May 3rd, Lewis Center, OH

Looking for compliance education and networking in your area? SCCE & HCCA’s Regional Compliance & Ethics Conferences bring compliance practitioners from all disciplines together for convenient, local compliance education....

Health Care Compliance Association (HCCA)

[Event] Regional Compliance & Ethics Conference - May 3rd, Lewis Center, OH

Looking for compliance education and networking in your area? SCCE & HCCA’s Regional Compliance & Ethics Conferences bring compliance practitioners from all disciplines together for convenient, local compliance education....

Snell & Wilmer

The Department of Justice Is Building a Data Security Protection and Enforcement Program

In response to President Biden’s Executive Order authorizing increased data privacy measures, Assistant Attorney General (AAG) Matthew G. Olsen announced that the National Security Division of the Department of Justice (DOJ)...

Alston & Bird

Board Oversight and Cyber Breach Response: What Involvement Strikes the Right Balance?

New regulations continue to push boards in the direction of active engagement in their cyber oversight role, including breach response. But, how can boards strike the right balance in their oversight role during a significant...

Benesch

Annual Report to Congress on Breaches of Unsecured Protected Health Information

The U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) recently published an executive summary (Report) outlining key enforcement activities of the Health Insurance Portability and...

Arnall Golden Gregory LLP

Responding to a Third-Party Data Breach: Practical Legal and Compliance Steps

Cyberattacks and data incidents are rapidly increasing, and third-party services companies are a frequent source of exposure for healthcare providers. Healthcare is a prime target for cybercriminals, with ransomware and...

Latham & Watkins LLP

Six Months Until the Law Takes Effect: Key Compliance Steps for Saudi Arabia's Data Protection Law

The Personal Data Protection Law (the Law) is the first comprehensive data protection law in the Kingdom of Saudi Arabia. The Saudi Data and Artificial Intelligence Authority (the Authority) is expected to begin full enforcement of the Law as of September 14, 2024,...

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...

American Conference Institute (ACI)

[Event] FCPA & Anti-Corruption for the Life Sciences Industry - May 9th - 10th, New York, NY

Hosted by the American Conference Institute, the 19th Annual FCPA & Anti-Corruption Conference for the Life Sciences Industry returns for another exciting year with carefully researched programming based on critical findings...

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...
