News & Analysis as of

Covered Entities Cybersecurity Compliance

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Health Care Compliance Association (HCCA)

$1.5M Warby Parker Fine a Holdover; OCR Focuses On Men in Sports, Antisemitism, ‘Biological Truth’

Nearly six years to the day that Warby Parker reported a breach affecting nearly 200,000 individuals, the HHS Office for Civil Rights (OCR) imposed a $1.5 million fine on the eyewear giant. Investigated by OCR under the Biden...more

Epstein Becker & Green

Recent Developments in Health Care Cybersecurity and Oversight: 2024 Wrap Up and 2025 Outlook

Epstein Becker & Green on

As Cyberattacks targeting the health care sector have continued to intensify over the past year, including ransomware attacks that have resulted in major data breaches impacting health care organizations, the protection of...more

BakerHostetler

A New Budgetary Line Item for 2025 - New York-based Hospitals Should Plan Now for the Fiscal and Operational Costs Associated with...

BakerHostetler on

On October 2, the New York State Department of Health (NYSDOH) issued new cybersecurity regulations (Regulations) for all general hospitals in New York state (“hospitals”), creating a new Section 405.46 in Title 10 (Health)...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - January 27th - 30th, Orlando, FL

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Winstead PC

HIPAA Gets a Potential Counterpart in HISAA

Winstead PC on

Americans hear about cybersecurity incidents on a frequent basis. As the adage goes, it is not a matter of “if” a breach or security hack occurs; it is a matter of “when.”...more

Holland & Knight LLP

Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference

Holland & Knight LLP on

President Ronald Reagan famously quipped, "I think you all know that I've always felt that the nine most terrifying words in the English language are: I'm from the Government, and I'm here to help."1 At an Oct. 23-24, 2024,...more

Goodwin

NYDFS Publishes Guidance on AI-Related Cybersecurity Risks

Goodwin on

On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more

Latham & Watkins LLP

SEC Imposes New Cybersecurity Requirements on Broker-Dealers, Investment Companies, Registered Investment Advisers, and Transfer...

Latham & Watkins LLP on

Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. ...more

Holland & Knight LLP

New Requirements for Research Security Programs Raise the Stakes for Compliance

Holland & Knight LLP on

The National Security Presidential Memorandum-33 (NSPM-33), issued in January 2021, directed federal agencies that fund research and development (R&D) projects to require certain "Covered Institutions" to certify that the...more

Ogletree, Deakins, Nash, Smoak & Stewart,...

The EU’s NIS2 Directive: Covered Entities, Compliance Monitoring, Risk Management, Incident Reporting, and Penalties

In response to the increasing number of cyberattacks and the acceleration of digital transformation across sectors, the European Union has revised and improved its Network and Information Security (NIS) Directive. The...more

Epiq

New SEC Cybersecurity Rules: What to Know and How to Remain Compliant

Epiq on

As addressing cybersecurity issues continues to become a top priority throughout the financial industry, the U.S. Securities and Exchange Commission (SEC) is following suit. The SEC unanimously voted to approve a new set of...more

WilmerHale

8 Questions To Ask Before Final CISA Breach Reporting Rule

WilmerHale on

On April 4, the Cybersecurity and Infrastructure Security Agency published a notice of proposed rulemaking setting out mandatory reporting requirements for covered entities that experience cybersecurity incidents or make...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

BakerHostetler

Are You Ready for It? NYDFS Annual Cybersecurity Certification Deadline April 15

BakerHostetler on

The New York State Department of Financial Services (NYDFS) amended its cybersecurity regulation, 23 NYCRR 500 (or Part 500), effective Nov. 1, 2023, which we wrote about here. Covered entities must still certify compliance...more

Dorsey & Whitney LLP

HIPAA on the Horizon in the New Year: Important Lessons from an Active 2023 and Regulatory Initiatives to Watch for in 2024

Dorsey & Whitney LLP on

2023 marked 20 years since the first compliance deadline under the Health Insurance Portability and Accountability Act’s (“HIPAA”) privacy rule. Despite the two decades of experience with HIPAA, compliance continues to remain...more

WilmerHale

NYDFS Finalizes Amendments to Cybersecurity Regulations

WilmerHale on

On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more

Eversheds Sutherland (US) LLP

New York Raises the Bar Again: Revised Cybersecurity Requirements for Financial Services Companies Finalized

On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more

BakerHostetler

OCR’s October Initiatives: Strengthening Telehealth Security and HIPAA Compliance

BakerHostetler on

October has been a busy month for the OCR, which is tasked with enforcing the regulations issued under HIPAA. In the past week, the OCR released two new guidance documents aimed at reducing the privacy and security risks...more

Mintz - Health Care Viewpoints

OCR Cybersecurity Newsletter Emphasizes Significance of HIPAA Sanction Policies

The Office for Civil Rights (OCR) recently offered covered entities and business associates (Regulated Entities) not-so-subtle reminders in its October 2023 Cybersecurity Newsletter that effective sanction policies can...more

Health Care Compliance Association (HCCA)

11 Years After First Disclosure, L.A. Care Pays $1.3M, Says ‘Processing Errors’ Caused Breaches

Report on Patient Privacy 23, no. 10 (October, 2023) By 2016, it should have been clear to HIPAA covered entities that a security risk analysis—and corresponding risk management plan—were compliance basics. Yet, a new...more

Health Care Compliance Association (HCCA)

[Event] 2023 Healthcare Enforcement Compliance Conference - November 5th - 7th, Washington, DC

Hear directly from the enforcement community - Want to gain insight into properly monitoring, detecting, investigating, and managing violations? Join us at HCCA’s Annual Healthcare Enforcement Compliance Conference to...more

Goodwin

SEC to Impose Significant New Privacy and Cybersecurity Rules for BDs, RIAs, TAs, and Mutual Funds

Goodwin on

The SEC continues its overhaul of cybersecurity, cyber incident reporting, and privacy controls and requirements for industry registrants, their services providers, and corporate America generally. On March 15, 2023, the SEC...more

Holland & Knight LLP

Changing of the Guard? SEC Proposes Significant Amendments to the Safeguards Rule

Holland & Knight LLP on

The SEC continued its recent onslaught of proposed cybersecurity rules in mid-March with three new proposals covering a litany of entities, including investment advisers, broker-dealers, investment companies, clearing...more

Health Care Compliance Association (HCCA)

[Event] Healthcare Privacy Compliance Academy - May 8th - 11th, Chicago, IL

Healthcare Privacy Compliance Academy Overview - Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper...more

44 Results
 / 
View per page
Page: of 2

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide