News & Analysis as of

Information Technology Data Breach Compliance

Mitratech Holdings, Inc

IT Incident Management Simplified: 5 Strategies for Effective Recovery

Feel confident tackling any threat with a unified incident management approach that integrates roles, communication, and recovery tasks. Small and medium-sized organizations without a disaster recovery plan are 40% more...more

Mitratech Holdings, Inc

BCP & IT/DR: Why Your Business Continuity Strategy Needs Both

Balancing Business Continuity and IT Disaster Recovery is crucial for robust organizational resilience. So, how does your organization integrate both strategies for maximum impact?...more

Health Care Compliance Association (HCCA)

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

Jackson Lewis P.C.

FAQs for Schools and Persons Affected By the PowerSchool Data Breach

Jackson Lewis P.C. on

A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more

Wiley Rein LLP

DOJ Continues Crackdown on Cybersecurity Compliance with $1.25M FCA Settlement

Wiley Rein LLP on

The Department of Justice (DOJ) secured another win for its Civil Cyber-Fraud Initiative last week when it resolved a False Claims Act (FCA) action[1] alleging Pennsylvania State University (Penn State) failed to comply with...more

Mayer Brown

EU Cyber Legislation Puts Emphasis on Board Responsibility

Mayer Brown on

What is a Management Body? Under both DORA and NIS2, a management body can be a body with managerial and/or supervisory functions. The powers and structure of management bodies vary within the EU Member State, and managerial...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Thomas Fox - Compliance Evangelist

SEC, Solar Winds and Compliance

The recent SEC lawsuit against SolarWinds Corp and its CISO, Tim Brown, following the 2020 data breach, has brought the issue of executive liability in cybersecurity disclosures to the forefront. This case sheds light on the...more

Skadden, Arps, Slate, Meagher & Flom LLP

What Does the SEC’s Complaint Against SolarWinds Mean for CISOs and Boards?

On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more

Epiq

Moving Information Governance to the Driver’s Seat to Accelerate Cyber Breach Response

Epiq on

Information Governance often takes a back seat to other organizational initiatives. But why is this the case? The list of reasons is long and varied. Not knowing where to start or how to build strategic approaches to...more

The Volkov Law Group

The Evolving Partnership: Compliance and Cybersecurity (Part I of IV)

The Volkov Law Group on

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy.  The rapid elevation...more

ArentFox Schiff

Key Takeaways from OCR’s Latest Annual HIPAA Reports to Congress

ArentFox Schiff on

On February 17, 2023, the US Department of Health and Human Services Office for Civil Rights (OCR) released two companion reports to Congress detailing its actions in 2021 to enforce the privacy, security, and breach...more

NAVEX

The Complicated Tango of Compliance & Cybersecurity

NAVEX on

A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more

Society of Corporate Compliance and Ethics...

[Event] 20th Annual Compliance & Ethics Institute - September 19th - 22nd, Las Vegas, NV

SCCE’s Compliance & Ethics Institute is the primary educational and networking event for compliance and ethics professionals worldwide. Leading industry professionals cover real‑world compliance issues, emerging trends, and...more

Health Care Compliance Association (HCCA)

[Virtual Event] 2021 25th Annual Compliance Institute - April 19th - 22nd, 9:30 am - 4:35 pm CDT

The Compliance Institute is celebrating 25 years! Join us for the Compliance Institute's 25th anniversary, April 19-22, 2021. This year, HCCA is excited to celebrate over two decades of compliance excellence with our...more

NAVEX

[Webinar] Top Risk Management Lessons from the SolarWinds Hack - January 27th, 10:00 am - 11:00 am PT

NAVEX on

Last month there was a cyber-attack suspected to have been perpetrated by Russian hackers. The attack was traced back to third party – a network management software vendor, SolarWinds. Among its 300,000 customers, SolarWinds...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

NAVEX

CCPA’s Top 5 Compliance Challenges

NAVEX on

The California Consumer Privacy Act (CCPA) took effect on New Year’s Day. California is the first state in the union to create a data privacy law for its residents. Other states will follow soon. For compliance purposes,...more

Society of Corporate Compliance and Ethics...

Compliance Perspectives: Cybervigilance and Cyber-resiliency

Mark Lanterman, Chief Technology Officer of Computer Forensic Services lives technology at its most terrifying, helping organizations manage the risks of the IT we all use constantly. Recently he authored an article...more

The Volkov Law Group

The Convergence of Cybersecurity, Compliance, and Enterprise Risk Management

The Volkov Law Group on

When you survey business leaders on significant risks, they invariably cite cybersecurity as number one and anti-corruption as number two. For global businesses, this makes total sense. Cyber-crime damage is estimated to...more

Baker Donelson

Think Big Picture – minimize corporate export compliance risks while protecting your information security

Baker Donelson on

Recently I have attended several cyber security conferences. What I have learned about protecting information has changed how I view export controls. Senior management and board members should think about the big picture as...more

21 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide