In this week’s installment of our blog series on the U.S. Department of Health and Human Services’ (HHS) HIPAA Security Rule updates in its January 6 Notice of Proposed Rulemaking (NPRM), we are exploring the proposed updates...more
The Department of Health and Human Services (HHS) has proposed significant modifications to the HIPAA Security Rule and the HITECH Act in an attempt to strengthen cybersecurity protections for electronic protected health...more
A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more
In 2025, new federal reporting requirements will require hundreds of thousands of organizations to report cyber incidents within hours of discovery to the United States Government, marking a significant impact on how...more
Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more
The U.S. Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is publishing a proposed rule (Proposal or NPRM) that will require broad segments of industry to meet onerous and quick...more
On February 22, 2024, the Federal Communications Commission (FCC or “Commission”) released a Public Draft of a Report and Order that, if adopted, would establish a voluntary labeling program for Internet of Things (IoT)...more
FCC Requests Comment on CPNI/SIM Change Authentication Item: In this Further Notice of Proposed Rulemaking (FNPRM), the Federal Communications Commission (FCC or Commission) seeks comment on whether to harmonize the existing...more
On October 19, the Federal Communications Commission (“FCC”) is expected to adopt a Notice of Proposed Rulemaking (“NPRM”) proposing to reclassify broadband internet access service as a “telecommunications service” under...more
In a new Notice of Proposed Rulemaking (NPRM), the Federal Communications Commission (FCC) imposes a short comment deadline for a complex new cybersecurity labeling regime for Internet of Things (IoT) devices. The NPRM also...more
By next year, consumers may be able to scan a QR code on their connected devices for information about cybersecurity protections that are built into their devices. Details on the program are still being worked out, but the...more
Continuing a recent trend in which the Federal Energy Regulatory Commission ("FERC") has been directing the North American Electric Reliability Corporation ("NERC") to improve or maintain the reliability of the nation's...more
The U.S. Federal Communications Commission (FCC or Commission) released a Notice of Proposed Rulemaking (NPRM) seeking to update and strengthen its rules requiring telecommunications carriers and interconnected Voice over...more
Regulatory Developments - Agencies Issue Joint Proposal to Strengthen and Modernize CRA Regs - On May 5, the FDIC, the FRB and the OCC issued a joint Notice of Proposed Rulemaking (NPR) to “strengthen and modernize” the...more
The Federal Energy Regulatory Commission (FERC) is tasked with keeping our electric grid safe and maintaining reliable and secure energy for U.S. consumers. ...more
Key Wireless Deadlines - NIST Requests Comment on its Mobile Device Security Practice Guide: The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) seeks comment on a...more
On January 12, 2021, the Office of the Comptroller of the Currency (OCC), the Board of Governors of the Federal Reserve System (Board), and the Federal Deposit Insurance Corporation (FDIC) published a Notice of Proposed...more
On December 17, 2020, the Office of the Comptroller of the Currency, Treasury (OCC); the Federal Reserve; and the Federal Deposit Insurance Corporation (FDIC) issued a Notice of Proposed Rulemaking that would require...more
On April 1, 2016, the FCC released a Notice of Proposed Rulemaking (“NPRM”) that would impose new regulatory burdens on broadband Internet service providers’ use of customer data. The wide-ranging NPRM also proposes rules...more