News & Analysis as of

Compliance Risk Management Cybersecurity

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Health Care Compliance Association (HCCA)

Top Healthcare Compliance Priorities for 2025

Health Care Compliance Association (HCCA) on

Recently Protiviti released an intriguing report: Top Compliance Priorities for U.S. Healthcare Organizations in 2025. In this podcast their Global Healthcare Compliance Leader, Leyla Erkan, CHC, CHP, CHRC, shares some of the...more

Ropes & Gray LLP

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Ropes & Gray LLP on

The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more

Baker Botts L.L.P.

Florida Bar Passes Pioneering Cybersecurity Recommendation

Baker Botts L.L.P. on

On March 28, 2025, the Florida Bar unanimously approved Recommendation 25-1, which was proposed by its Cybersecurity & Privacy Law Committee and encourages all Florida Bar members and their firms to adopt certain proactive...more

J.S. Held

Top Ten Strategic Advantages of a vCISO with AI Expertise for Developing Business and Protecting AI Applications

J.S. Held on

In today’s fast-paced digital landscape, Artificial Intelligence (AI) is reshaping industries, unlocking new efficiencies, and enabling transformative business models. Companies leveraging AI to create applications or enhance...more

A&O Shearman

Operational resilience in banking: from regulatory compliance to strategic priority

A&O Shearman on

As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more

Sheppard Mullin Richter & Hampton LLP

Insurance Cybersecurity Certifications: An (Updated) State Roundup

Sheppard Mullin Richter & Hampton LLP on

Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more

Alston & Bird

UK Government Publishes Cyber Governance Code of Practice for Boards and Directors

Alston & Bird on

On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Thomas Fox - Compliance Evangelist

Innovations in Compliance: Data Collection & Cybersecurity with ModeOne’s Matt Rasmussen and Ryan Frye

Thomas Fox - Compliance Evangelist on

Innovation comes in many areas, and compliance professionals need to be ready for it and embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning...more

Foley & Lardner LLP

Latest FCA Cybersecurity Settlement Shows Enforcement Remains a Priority Under Trump Administration

Foley & Lardner LLP on

A recent United States Department of Justice (DOJ) announcement reinforces that enforcement of cybersecurity requirements under the False Claims Act (FCA) remains an ongoing risk. According to the press release, defense...more

Sheppard Mullin Richter & Hampton LLP

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

Sheppard Mullin Richter & Hampton LLP on

On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more

NAVEX

Business resiliency needs to take centerstage if you want to keep pace with cyber threats and supply chain disruptions

NAVEX on

2024 was a year of numerous and notable cybersecurity failures – although, to be fair, most years are now marred by numerous and notable cybersecurity failures. That’s no longer anything special. What makes 2024 interesting...more

K2 Integrity

Navigating AI Governance and Security in the Age of Generative AI

K2 Integrity on

On 26 March 2025, K2 Integrity hosted a webinar discussing generative AI, its associated risks, governance strategies, and the future trajectory of AI adoption. The webinar featured Jason Straight, senior managing director...more

Integreon

DORA Compliance Part 1: Proactively Meeting DORA Supply Chain Resilience Obligations

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

Ward and Smith, P.A.

Privacy and Data Security in Community Associations: Navigating Risks and Compliance

Ward and Smith, P.A. on

For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more

Levenfeld Pearlstein, LLC

7 Things Businesses Should Consider When Using AI

Levenfeld Pearlstein, LLC on

Artificial intelligence (AI), machine learning algorithms, and other emerging technologies impact nearly every business and industry. The rapid deployment of Generative AI (GenAI) is reshaping how organizations do business...more

A&O Shearman

Hong Kong passes its first Cybersecurity Law to safeguard critical infrastructure

A&O Shearman on

Hong Kong’s Legislative Council passed the Protection of Critical Infrastructures (Computer Systems) Bill (the “CI Bill”) on March 19, 2025. This landmark legislation aims to enhance cybersecurity and minimize disruptions...more

Gardner Law

Why Compliance Audits Are Non-Negotiable

Gardner Law on

In today’s heightened enforcement environment, compliance auditing isn’t just a best practice—it’s a necessity. Federal and state laws and industry guidance, including the Office of Inspector General (OIG) Compliance Program...more

Jackson Lewis P.C.

Health Fitness, OCR’s Risk Analysis Initiative, and the ERISA Fiduciary Duty to Select Plan Service Providers

Jackson Lewis P.C. on

On Friday, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR) announced the fifth enforcement action under its Risk Analysis Initiative. In this case, OCR reached a settlement with Health...more

Mitratech Holdings, Inc

IT/DR Plan Spring Cleaning: How to Replace Outdated Policies

Mitratech Holdings, Inc on

Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more

Burr & Forman

Time for Spring Cleaning – Is Your HIPAA House Ready?

Burr & Forman on

When it comes to compliance with the Health Insurance Portability and Accountability Act of 1996 and its implementing regulations (“HIPAA”), is your house in order? Has someone recently looked underneath the counter and...more

Gardner Law

Recent Enforcement Reminds Companies: Assess HIPAA Compliance

Gardner Law on

A HIPAA compliance assessment is an evaluation of an organization's practices, policies, and procedures to ensure that they align with requirements from the Health Insurance Portability and Accountability Act (“HIPAA”). It...more

Levenfeld Pearlstein, LLC

Insurance-Related Trends, Risks, and Recommendations for Private Equity Transactions: A Conversation with Ryan Seager at...

Levenfeld Pearlstein, LLC on

In this second of a two-part conversation, Ryan discusses current trends and challenges, regulatory changes and shifts, and insurance-related best practices for private equity sponsors. In part one, Ryan talked about...more

Ankura

Generative AI Risks: Legal and Compliance Insights - Part 1

Ankura on

Generative artificial intelligence (AI) is transforming how businesses operate, from content creation to decision-making and even legal and compliance analysis. The use of machines to perform core deliberative and inventive...more

HaystackID

[Webcast Transcript] Discovering Data Quickly in High-Stakes White-Collar Investigations

HaystackID on

Editor’s Note: White-collar investigations can send shockwaves through an organization, demanding swift, strategic, and legally sound responses. In a recent HaystackID® webcast, experts broke down the complexities of...more

388 Results
 / 
View per page
Page: of 16
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide