Cybersecurity, Policies and Procedures, Risk Assessment

NIST finalizes cybersecurity incident response framework profile aligned with CSF 2.0

Hogan Lovells on 4/15/2025

On April 3, NIST published practical incident response guidance aligned with its CSF 2.0 framework. The guidance outlines best practices in security incident preparation and response for organizations mapped across each of...more

Spring Cleaning and Tune-up for Your Trade Secret Portfolio: Eight Steps

Wolf, Greenfield & Sacks, P.C. on 4/15/2025

Spring has arrived, and in addition to cleaning, it’s a good time to reassess how your company is handling its trade secrets. Far from being static, trade secret innovations, processes, and data evolve over time. Business...more

10 Key Questions to Guide Cyber Risk Management

Bennett Jones LLP on 4/4/2025

Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more

IT/DR Plan Spring Cleaning: How to Replace Outdated Policies

Mitratech Holdings, Inc on 3/21/2025

Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more

OCR Proposed Tighter Security Rules for HIPAA Regulated Entities, including Business Associates and Group Health Plans

Jackson Lewis P.C. on 1/2/2025

As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more

[Event] Healthcare Privacy Compliance Academy - January 27th - 30th, Orlando, FL

Health Care Compliance Association (HCCA) on 11/20/2024

HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more

Hospital Administrators – Is Your Hospital Cyber-Secure?

Lippes Mathias LLP on 11/20/2024

On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more

Revamping Your Cybersecurity Policies and Procedures: Tips and Tricks

Bond Schoeneck & King PLLC on 10/30/2024

As each year passes and technology advances, businesses face an increasingly difficult task to maintain adequate security measures to protect their organizations’ assets and data. With this in mind, it is important to review...more

DFS Issues Circular Letter Addressing Cybersecurity Risks Related to AI

ArentFox Schiff on 10/24/2024

On October 16, the New York Department of Financial Services (DFS) issued a circular letter addressing cybersecurity risks related to the increasing use of artificial intelligence (AI) in relation to insurers, insurance...more

Key Takeaways for Healthcare Providers Following HHS OCR’s Most Recent Ransomware Investigation

Jackson Lewis P.C. on 9/30/2024

Announcing its fourth ransomware cybersecurity investigation and settlement, the Office for Civil Rights (OCR) also observed there has been a 264% increase in large ransomware breaches since 2018....more

[Virtual Event] Compliance & Ethics Essentials Workshop - December 2nd - 5th, 8:00 am - 5:00 pm CT

Society of Corporate Compliance and Ethics... on 9/9/2024

Learn the key principles of compliance - no travel required! If you’re new to or have minimal experience in compliance management don’t miss this opportunity to build the foundational knowledge you need! SCCE’s four-day...more

Implications of the SEC Cybersecurity Disclosure Rule

Society of Corporate Compliance and Ethics... on 8/29/2024

In 2023 the US Securities and Exchange Commission adopted rules “requiring registrants to disclose material cybersecurity incidents they experience and to disclose on an annual basis material information regarding their...more

SEC Revamps and Enhances Data Protections with Amendments to Regulation S-P

Foley Hoag LLP - Security, Privacy and the... on 5/30/2024

The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more

[Event] Healthcare Privacy Compliance Academy - July 15th - 18th, Charlotte, NC

Health Care Compliance Association (HCCA) on 3/13/2024

Ideal for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy offers practitioners a deeper understanding of effective compliance management in a healthcare setting. The...more

[Virtual Event] Compliance & Ethics Essentials Workshop - May 13th - 16th, 9:00 am - 3:00 pm CT

Society of Corporate Compliance and Ethics... on 2/14/2024

SCCE’s four-day Compliance & Ethics Essentials Workshop provides comprehensive education on the core elements of a compliance program in a convenient virtual format. The curriculum is ideal for those new to or with little...more

New York State Prepares to Regulate Hospital Cybersecurity Programs

Mintz - Health Care Viewpoints on 11/29/2023

On November 13, 2023, Governor Kathy Hochul announced plans to regulate cybersecurity for New York general hospitals regulated under Article 28 of the Public Health Law. As proposed, the regulations will provide an additional...more

NYDFS Issues Updated And Stricter Virtual Currency Listing Guidance – New Policy Updates Due For Approval By January 31, 2024

K2 Integrity on 11/21/2023

Following a two-month public consultation period, on 15 November 2023 the New York State Department of Financial Services (NYDFS) published its new Virtual Currency Listing Guidance (the Guidance), in accordance with virtual...more

New York Raises the Bar Again: Revised Cybersecurity Requirements for Financial Services Companies Finalized

Eversheds Sutherland (US) LLP on 11/15/2023

On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on 10/6/2023

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

[Virtual Event] Compliance & Ethics Essentials Workshop - December 4th - 7th, 9:00 am - 3:30 pm CT

Society of Corporate Compliance and Ethics... on 10/3/2023

SCCE’s four-day Compliance & Ethics Essentials Workshop provides comprehensive education on the core elements of a compliance program. The curriculum is ideal for those new to or with little experience in compliance, as well...more

Updated Guidance Notes on the Prevention and Detection of Money Laundering, Terrorist Financing and Proliferation Financing in the...

Walkers on 9/15/2023

Following industry consultation, on 30 August 2023 the Cayman Islands Monetary Authority ("CIMA") issued updated Guidance Notes on the Prevention and Detection of Money Laundering, Terrorist Financing and Proliferation...more

Cybersecurity › Policies and Procedures › Risk Assessment