News & Analysis as of

Compliance Data Security Hackers

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
PilieroMazza PLLC

Coming Soon! CISA’s Proposed Rule on Government-wide Cybersecurity Reporting Requirements for Contractors

PilieroMazza PLLC on

The Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA) was enacted in 2022 with the primary purpose of preserving national security, economic security, and public health and safety. CIRCIA provides the Director...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

J.S. Held

Water Cybersecurity? EPA Mandates Regulations to Prevent Cyberattacks on Public Water Systems

J.S. Held on

EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more

Health Care Compliance Association (HCCA)

Nick Culbertson on Compliance Breaches in Healthcare

Preventing data breaches is a critical task for all businesses these days, but it’s especially so in healthcare. No one wants to see health information disclosed, and the risks of a ransomware attack are enormous, literally...more

Oberheiden P.C.

Cybersecurity Compliance Programs for Law Firms

Oberheiden P.C. on

Law firms process sensitive information on a daily basis. Confidential client data is targeted by hackers and insiders for a variety of reasons including financial gain or retaliatory purposes. When a law firm has a security...more

NAVEX

[Webinar] Top Risk Management Lessons from the SolarWinds Hack - January 27th, 10:00 am - 11:00 am PT

NAVEX on

Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more

NAVEX

3 Coronavirus Compliance Tips From the SEC

NAVEX on

The coronavirus crisis is far from over, and compliance professionals still need every scrap of guidance that regulators can provide about how to run compliance programs in these difficult times. So when the Securities and...more

Health Care Compliance Association (HCCA)

[Virtual Event] 2020 COVID-19 Essentials for Healthcare Compliance Programs - July 21st, 11:00 am CT

HCCA has assembled a half-day virtual conference to help compliance professionals stay on top of the fast-moving changes caused by the COVID-19 pandemic. By participating in this event, you will hear directly from the...more

The Volkov Law Group

Data Privacy and Security – What is the Difference?

The Volkov Law Group on

The terms “Data Privacy and Security” are being thrown around a lot lately. Just recently, England’s health services and medical facilities were shut-down and the target of a ransom note (demanding, of course, payment in...more

Littler

Recent Amendments to Security Breach Notification Laws Further Complicate Breach Notification for Employers

Littler on

It is not a matter of "if" but "when" an employer will be required to notify employees of a security breach.  Forty-seven states require employers to notify employees when defined categories of personal information, including...more

Perkins Coie

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Perkins Coie on

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

Bilzin Sumberg

Alphabet Soup and Data Security

Bilzin Sumberg on

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

Blank Rome LLP

Mainbrace: October 2015, No. 4

Blank Rome LLP on

As with the world economy, the shipping markets are currently experiencing a major bout of volatility. The wide range of matters we are handling in our maritime law practice certainly reflects the current swings the shipping...more

Robinson+Cole Data Privacy + Security Insider

OIG report spurs OCR to announce phase 2 audits

On September 29, it was revealed that the HHS Office for Civil Rights (OCR) will commence Phase 2 of its HIPAA audit program in “early 2016.” OCR’s revelation regarding the Phase 2 audits, which had been the subject of...more

Perkins Coie

SEC’s Increased Cybersecurity Enforcement and How to Reduce Your Risks

Perkins Coie on

The SEC announced last week that an investment adviser had agreed to settle charges that it failed to take required steps to protect against and respond effectively to a cybersecurity breach. The action comes on the heels of...more

BakerHostetler

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

BakerHostetler on

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

Akerman LLP - Health Law Rx

Evolving Litigation of Data Breach Claims

An Illinois circuit court judge has dismissed five of six claims in a consolidated class action against Advocate Health and Hospital Corporation arising from a data breach in July 2013. The judge’s dismissal with prejudice...more

Troutman Pepper

SEC Releases First Cybersecurity Enforcement Action for Failure to Protect Client Data

Troutman Pepper on

The SEC’s focus in the action was not on the manner of the firm’s responses to the breach or whether there was any actual harm, but predominantly on the adequacy of the firm’s written policies for safeguarding customer...more

Seyfarth Shaw LLP

OCR Enters into $750,000 Settlement with Physician Practice for HIPAA Violations

Seyfarth Shaw LLP on

On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more

Robinson+Cole Data Privacy + Security Insider

Interim rule requires Department of Defense contractors to report cyber breaches

Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more

Skadden, Arps, Slate, Meagher & Flom LLP

Privacy & Cybersecurity Update - August 2015

Third Circuit Affirms FTC’s Authority Over Cybersecurity: In the Wyndham case, the Third Circuit affirmed that the FTC has the authority to regulate cybersecurity under Section 5 of the FTC Act, and that the language of...more

Baker Donelson

Think Big Picture – minimize corporate export compliance risks while protecting your information security

Baker Donelson on

Recently I have attended several cyber security conferences. What I have learned about protecting information has changed how I view export controls. Senior management and board members should think about the big picture as...more

Orrick, Herrington & Sutcliffe LLP

New Guidance for Financial Institution Directors and Officers In Cybersecurity Preparedness

Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more

Holland & Knight LLP

OMB Issues Guidance on Government Contractors’ Cybersecurity Systems

Holland & Knight LLP on

The Office of Management and Budget (OMB) released a draft guidance document on Aug. 11, 2015, titled “Improving Cybersecurity Protection in Federal Acquisitions” (the “OMB Guidance”). The OMB Guidance instructs agencies on...more

24 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide