Compliance Tip of the Day: Empowering Middle Managers to Drive Compliance Transformation
Compliance Tip of the Day – Role of Chatbots in Compliance
Beyond the Bylaws: The Medical Staff Show | The Role of Bylaws in Medical Staff Governance, Part II
The Presumption of Innocence Podcast: Episode 60 - Enforcement Priorities of the Second Trump Administration: Employee Retention Tax Credit
Compliance Tip Of the Day: Using AI to Transform Whistleblower Response
Because That’s What Heroes Do: Deep Space 9 – Episode 30: Deep Trek Themes from Tacking into the Wind
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
FCPA Compliance Report: Kristy Grant-Hart on A 360° Review of the Future of Compliance
Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
Work This Way: A Labor & Employment Law Podcast | Episode 43: How Employers Can Navigate White Collar Crime with Erica Barnes & Christian Dysart of Maynard Nexsen
The Presumption of Innocence Podcast: Episode 59 - Enforcement Priorities of the Second Trump Administration: DOJ Focus
Creativity and Compliance: Bringing Joy to Compliance: A Conversation with Virginia MacSuibhne
Beyond the Bylaws: The Medical Staff Show - The Role of Bylaws in Medical Staff Governance, Part I
Compliance Tip of the Day: Embedded Compliance
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: AI for Whistleblower Anonymity
Compliance Tip of the Day: Taming Complexity
Improving Your Code of Conduct
Envisioning a Compliant Workforce
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
The Department of Homeland Security amended its regulations due to the urgent need to protect Controlled Unclassified Information. On June 21, 2023, the Department of Homeland Security (DHS or Department) issued a final...more
An executive order was signed on May 12, directing the federal government to overhaul its approach to cybersecurity. Corporate compliance and risk management professionals should consider this order carefully — because, in...more
Corporate Social Responsibility (“CSR”) and Environmental, Social, and Governance (“ESG”) practices have increasingly become priorities for many organizations as they assess their obligations to their employees, customers,...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
Hope for the best, but plan for the worst. Join us as we address ways to protect family privacy from external threats, and policies and procedures for handling information that individual family members wish to keep private...more
In this episode, Carlton Fields attorneys Kevin McCoy and Joe Swanson discuss the circumstances involved in a recent data breach involving the cannabis industry. We explore cybersecurity and data privacy issues that all...more
On January 27, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) announced its most recent Cybersecurity and Resiliency Observations. This report highlights specific practices that have been, and can be...more
Practical steps to address cybersecurity threats—what you should do when heightened tension in the Middle East or other events increase the threat of cybersecurity incidents. - When news events or business initiatives turn...more
When it comes to digital threats, universities must protect not only a broad and deeply layered infrastructure, but also vast populations of students. In this episode, Elisa D’Amico and Desiree Moore outline their top five...more
Effective November 2, 2018, companies that suffer a breach may have certain defenses in Ohio if they have a written cybersecurity program in place. Under this new law, companies can use as an affirmative defense the existence...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
As its next step in the creation and implementation of a cybersecurity plan, the State of Connecticut has created a Cybersecurity Strategy document. This strategy specifically highlights the roles and vulnerabilities of state...more
Results from the SEC’s First Round of Cybersecurity Examinations - On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and...more
Letter from the Editors - We are thrilled to provide you with the first issue of Mintz Levin’s TechConnect, a bi-monthly newsletter on “all things technology” in the legal and business world, from our perspective, of...more
In an environment where even the largest and most powerful corporations have fallen victim to data breaches, it can be challenging to fathom how to protect against the sophisticated and ever-evolving threat of cyber attacks....more
Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more
In recent years, the SEC has been focused on cybersecurity. It has issued risk alerts, conducted examinations and provided guidance about what the agency sees as widespread weaknesses in many policies and procedures to...more
On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more
WISP is the acronym for Written Information Security Policy. The information at issue is an individual’s personal information and identifiers, such as a Social Security number, driver’s license number, credit or debit card...more