News & Analysis as of

Compliance Information Technology

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Thomas Fox - Compliance Evangelist

Tone at the Top Week: Part 3-Email as a Strategic Compliance Tool

We continue our exploration of how CEOs and senior executives are uniquely positioned to drive home the importance of ethical behavior and adherence to compliance regulations. Today, we consider the humble email and how it...more

Ankura

New Health Information Technology Standards for Medicare Part D

Ankura on

On June 17, 2024, the final rule for Medicare Part D introduced new health IT standards, mandating the adoption of NCPDP SCRIPT Standard version 2023011 by January 1, 2028, while the NCPDP Formulary and Benefit (F&B) Standard...more

McCarter & English Blog: Government Contracts...

DOJ Went Down to Georgia: Lessons Learned from Recent Cybersecurity Enforcement Actions

Some might say there’s little difference between dealing with the devil and being a federal contractor. And for the unwary or unprepared, that may not be far off. Federal contracting comes with a litany of “fine print” that...more

Wiley Rein LLP

Policy Patches: An Update on Software Security Regulation

Wiley Rein LLP on

So far, 2024 has been another very busy year for U.S. cybersecurity regulation. Among the top priorities has been software security, as we previewed early this year. Companies that sell software to the federal government or...more

Mitratech Holdings, Inc

After the Microsoft Outage: The Lingering Impact and Global Outlook on Business Continuity Planning (BCP)

In the aftermath of what could be one of the most widespread global information technology outages in history, organizations are putting a renewed focus on combating old vulnerabilities that can have cascading effects. ...more

Venable LLP

Offensive Security Under the EU Digital Operational Resilience Act (DORA)

Venable LLP on

The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more

Sheppard Mullin Richter & Hampton LLP

Data, Deals, and Diplomacy: How the Bulk Data Executive Order Will Shape Future Contracts and Security Practices

For companies in the U.S. that hold certain personal data and U.S. Government-related data, rules stemming from recent Executive Order (“EO”) 14117 on “Preventing Access to Americans’ Bulk Sensitive Personal Data and United...more

The Volkov Law Group

Dancing on the Head of a Pin: Corporate Boards, Committees and Cybersecurity Risk Management

The Volkov Law Group on

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today.  While this is a relatively simplistic and head-line grabbing statement, the truth remains...more

Opportune LLP

On-Prem Servers vs Azure Cloud: Choosing the RightAngle…

Opportune LLP on

In today's digital landscape, businesses face a choice when implementing RightAngle, do they use their existing on-prem servers and infrastructure, or do they create a new infrastructure and provision servers for the...more

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

Mayer Brown on

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more

The Volkov Law Group

Data Privacy Update — Keeping Up with Developments

The Volkov Law Group on

When it comes to data privacy and regulation of personal information, United States companies face a number of major challenges.  Compliance is not easy when you have fast-moving targets.  The single biggest cause of this...more

Goodwin

What DORA Means for Fund Managers

Goodwin on

Q: What is DORA? “DORA” stands for the Digital Operational Resilience Act, an EU regulation that creates a new framework for the EU financial sector with regard to information and communications technology (ICT)....more

The Volkov Law Group

“Person” of the Year: Technology and the Challenges for Ethics and Compliance

The Volkov Law Group on

I always enjoy retrospective “year in review” postings to start off the new year.  For years, I have sought to identify and capture important compliance trends, typically focused on specific professionals in the compliance...more

Health Care Compliance Association (HCCA)

Behavioral health, artificial intelligence, and compliance

Technology’s exponential development and use in healthcare provides potentially significant benefits for behavioral health patients but also raises ethical and compliance concerns. The most recent technological advance...more

Health Care Compliance Association (HCCA)

[Event] Regional Healthcare Compliance Conference - January 19th, Charlotte, NC

Looking for compliance education and networking in your area? HCCA’s Regional Healthcare Compliance Conferences offer practitioners convenient, local compliance education on a wide variety of current and emerging topics...more

Thomas Fox - Compliance Evangelist

Assessing Communication Compliance: Ephemeral Messaging and Retention

I recently had the opportunity to visit with Alex Cotoia, Regulatory Manager, and Daniela Melendez, an Associate at The Volkov Law Group, on the importance of addressing electronic communications preservation and management...more

Mitratech Holdings, Inc

4 Legal Hold Tips We’re Grateful for This November

Mitratech Holdings, Inc on

Dive into the do’s and don’ts of data preservation, custodianship, legal hold release expectations, and more. It is the season of giving thanks, and we’d be remiss if we didn’t acknowledge the tips and tricks that...more

American Conference Institute (ACI)

Navigating U.S. Sanctions and Export Control Restrictions

Over the last several months, companies have become entangled in an increasingly complex web of new and expanded sanctions and export control restrictions related to Russia in response to its war on Ukraine. The current...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Orrick, Herrington & Sutcliffe LLP

RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk

Matt Van Buskirk, co-founder of Hummingbird Regtech, joins RegFi hosts Jerry Buckley and Sherry Safchuk for a conversation about the importance of equipping regulators and in-house compliance teams with the tools and...more

Thomas Fox - Compliance Evangelist

SEC, Solar Winds and Compliance

The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more

Skadden, Arps, Slate, Meagher & Flom LLP

What Does the SEC’s Complaint Against SolarWinds Mean for CISOs and Boards?

On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more

Epiq

Moving Information Governance to the Driver’s Seat to Accelerate Cyber Breach Response

Epiq on

Information Governance often takes a back seat to other organizational initiatives. But why is this the case? The list of reasons is long and varied. Not knowing where to start or how to build strategic approaches to...more

NAVEX

Risk Management 101: The Human Touch

NAVEX on

In the first part of Risk Management 101, we focused on the foundational elements of risk management. In part two, we’ll look at how the people who keep your organization running, with their unique insights, skills and...more

HaystackID

[Webcast Transcript] M365 for Law Firms and Lawyers: Purview Premium eDiscovery and Security, Capabilities and War Stories

HaystackID on

Editor’s Note: In a rapidly evolving technological landscape, understanding the capabilities and limitations of platforms like Microsoft 365 (M365) is crucial for law firms, especially in the realms of eDiscovery and...more

120 Results
 / 
View per page
Page: of 5

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide