When AI Meets PI: Assessing and Governing AI from a Privacy Perspective
The American Privacy Right Act (APRA) explained
Navigating the Regulation Jungle: How to Be Compliant, Work Efficiently, and Stay Sane
Healthcare Document Retention
Legal Alert | Wiretap Laws in the United States
Business Better Podcast Episode: Cyber Adviser – A Comparison of AI Regulatory Frameworks
Cost of Noncompliance: More Than Just Fines
Will the U.S. Have a GDPR? With Rachael Ormiston of Osano
No Password Required: MITRE Engage Lead, Innovator in Cyber Deception, and Dance Community Builder
Navigating State Privacy Laws: A Conversation with Oregon & Texas Regulators about Privacy Enforcement
The Team Continues to Grow: A Conversation With Our Newest Colleague, Kaitlin Clemens — Unauthorized Access Podcast
Episode 326 -- Dottie Schindlinger on Diligent's Report on Board Oversight of Cybersecurity Risks and Performance
[Webinar] Midyear Data Privacy Check-in: Trends & Key Updates
Information Security and ISO 27001
Decoding Privacy Laws: Insights for Small to Mid-Sized Businesses — Regulatory Oversight Podcast
No Password Required: Education Lead at Semgrep and Former Czar for Canada’s Election Security
Navigating State Privacy Laws
[Webinar] You Are Here: First Steps in Data Mapping
Data Centers: Demand, Development, and Future Challenges With Ali Greenwood — TAG Infrastructure Talks Podcast
AGG Talks: Women in Tech Law - Episode 1: Charting the Course: Women Trailblazing in Cybersecurity and Crisis Governance
‘Dear Mary,’ is Troutman Pepper’s Incidents + Investigations team’s advice column. Here, you will find Mary’s answers to questions about anything and everything cyber-related – data breaches, forensic investigations, how to...more
As a number of recent headlines demonstrate, the U.S. Securities and Exchange Commission (SEC) and other regulators have fined and penalized employers and employees in the financial services industry for non-compliance with...more
The financial services sector must already contend with a maze of regulations in a variety of areas, and 2023 is poised to usher in new cybersecurity regulations for the industry. Organizations should ensure their security...more
On March 29, 2022, federal banking regulators issued important guidance for how banking organizations can comply with the upcoming requirement to notify regulators within 36 hours of ransomware or other disruptive...more
On October 27, 2021, the Federal Trade Commission (“FTC”) announced new updates to the Gramm-Leach-Bliley Act (“GLBA”) by amending the Standards for Safeguarding Customer Information, known as the “Safeguards Rule,” and...more
In response to increasingly frequent and sophisticated cybersecurity attacks on banks and bank service providers, the federal prudential banking regulators—the Office of the Comptroller of the Currency (OCC), the Board of...more
Crisis has set the stage for fintech companies in 2021, creating both new opportunities and potentially unprecedented challenges to innovation. While the coronavirus pandemic continues to accelerate the digital transformation...more
Can you say 0 to 60? Not cars, but pretty much everything to do with financial services. A new year, a new administration, and new challenges for providers. Prior CFPB Director Kraninger is long gone. Acting Director Uejio...more
Keypoint: April 12, 2021 is the deadline to comment on a proposed rule that would require banking organizations and bank service providers to promptly report computer-security incidents. The Office of the Comptroller of...more
The Office of the Comptroller of the Currency (OCC), the Federal Reserve Board (FRB), and the Federal Deposit Insurance Company (FDIC), have issued a notice of proposed rulemaking (Proposed Rule) that would require a banking...more
On January 12, 2021, the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (Board), and the Federal Deposit Insurance Corporation (FDIC) published a Notice of Proposed...more
The Office of the Comptroller of the Currency, Treasury (OCC), the Board of Governors of the Federal Reserve System (Board), and the Federal Deposit Insurance Corporation (FDIC) recently announced a “Notice of Proposed...more
CYBERSECURITY - Patching Gets More and More Complicated but Is Critical for Managing Risk - Patching vulnerabilities has always been challenging, but these days, it is getting more and more complicated as...more
Regulatory bodies are upping the ante when it comes to settling with companies that have suffered data breaches. In addition to the below settlements, see also the settlement between the OCR and Dignity Health....more
We all have them. Old computers sitting around in storage, never to be used again. Broken servers that have passed their prime. Laptops abandoned for their newer, shinier versions. And what do you do with them? If these...more
Digital transformation refers to the process of leveraging technology, people and processes to innovate or stay competitive. The main driver of this process is often data...more
As we previously reported, Capital One Financial Corporation announced in July 2019 a major data security breach when an individual gained unauthorized access to personal information about Capital One credit card customers. ...more
In This Issue. The Office of the Comptroller of the Currency (OCC) proposed a rule that would establish that a national bank or federal savings association is the “true lender” of a loan if, as of the date of origination, the...more
Editor's Note - In This Issue. The Securities and Exchange Commission (SEC) adopted rules and amendments designed to promote research on mutual funds, exchange-traded funds (ETFs), registered closed-end funds, business...more
Editor's Note - In This Issue. The Office of the Comptroller of the Currency (OCC) announced that it was seeking public comments on revising the Volcker Rule; the Securities and Exchange Commission (SEC) offered a window...more
Financial Industry Developments - Prohibition on Dealing or Investing in Industrial or Commercial Metals - On January 3, 2017, the Office of the Comptroller of the Currency (the "OCC") finalized a rule that...more
The fourth quarter of 2016 has seen an uptick in regulatory activity respecting the financial services sector in the cybersecurity space, both at the state level as previously discussed (here) and on the federal level....more
Yesterday, the Office of the Comptroller of the Currency (OCC) released its Semiannual Risk Perspective (the “Semiannual Risk Perspective”). The Semiannual Risk Perspective covers “key issues facing banks, focusing on those...more
Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more
The Federal Financial Institutions Examination Council (FFIEC) has recently developed a new tool to help U.S. financial institutions combat the increasing volume and sophistication of cyber attacks. To blunt threats to a...more