Beyond the Bylaws: The Medical Staff Show | The Role of Bylaws in Medical Staff Governance, Part II
The Presumption of Innocence Podcast: Episode 60 - Enforcement Priorities of the Second Trump Administration: Employee Retention Tax Credit
Compliance Tip Of the Day: Using AI to Transform Whistleblower Response
Because That’s What Heroes Do: Deep Space 9 – Episode 30: Deep Trek Themes from Tacking into the Wind
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
FCPA Compliance Report: Kristy Grant-Hart on A 360° Review of the Future of Compliance
Great Women in Compliance: Creating Space to Speak Up: The Story Behind Psst.org
Work This Way: A Labor & Employment Law Podcast | Episode 43: How Employers Can Navigate White Collar Crime with Erica Barnes & Christian Dysart of Maynard Nexsen
The Presumption of Innocence Podcast: Episode 59 - Enforcement Priorities of the Second Trump Administration: DOJ Focus
Creativity and Compliance: Bringing Joy to Compliance: A Conversation with Virginia MacSuibhne
Beyond the Bylaws: The Medical Staff Show - The Role of Bylaws in Medical Staff Governance, Part I
Compliance Tip of the Day: Embedded Compliance
Auditing Your Hotline and Case Management System
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: AI for Whistleblower Anonymity
Compliance Tip of the Day: Taming Complexity
Improving Your Code of Conduct
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
Investigations and Cognitive Interviews
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more
As we look back on the SEC’s actions in 2024, we wanted to share our thoughts on lessons learned that we believe will carry through to 2025....more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
On October 22, 2024, the Securities and Exchange Commission (SEC) announced that it had charged four companies with making materially misleading disclosures regarding cybersecurity risks and intrusions, with one company also...more
On October 21, 2024, the Division of Examinations (the “Division”) of the U.S. Securities and Exchange Commission (the “SEC”) issued its annual examination priorities for fiscal year 2025. As with its 2024 examination...more
Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. ...more
Covered institutions will need to review their cybersecurity and incident response policies and procedures ahead of the applicable compliance deadline. The Securities and Exchange Commission (SEC) recently adopted...more
Earlier this month, approximately one year after releasing its proposed amendments to Regulation S-P, the SEC announced the adoption of final amendments to Regulation S-P, expanding the information protected, the policies and...more
SEC DROPS NEW REQUIREMENT FOR INCIDENT RESPONSE PROGRAMS, PROPOSAL FOR RIAS TO ADOPT CIP, SEC EXAMS SHARES MARKETING RULE FAILURES, RIA SLAMMED FOR FAILING TO RETAIN TEXTS, AND SEC WINS ON SHADOW TRADING THEORY - Welcome to...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
On May 15, 2024, the Securities and Exchange Commission (the “SEC”) issued final amendments (the “Amendments”) to Regulation S-P (originally adopted in 2000), which governs the treatment of a customer’s nonpublic personal...more
Last week, the Securities and Exchange Commission imposed expanded privacy and cybersecurity obligations on fund managers and sponsors registered with the SEC as investment advisers. While many registered investment advisers...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more
On November 13, 2023, Governor Kathy Hochul announced plans to regulate cybersecurity for New York general hospitals regulated under Article 28 of the Public Health Law. As proposed, the regulations will provide an additional...more
On November 1, 2023, the New York Department of Financial Services (NY DFS) published its highly anticipated final amendments to its influential cybersecurity requirements for financial services companies (Part 500)....more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more
Last month, Gurbir Grewal, the Director of the SEC’s Division of Enforcement, spoke at the Financial Times Cyber Resilience Summit. During the remarks, he outlined the importance of cybersecurity and signaled that the SEC is...more
It has been a full year since the initial comment period closed on the Securities and Exchange Commission’s (“SEC”) proposed rule on cybersecurity disclosure, governance, and risk management for public companies (the...more
At an open meeting on March 15, 2023, the U.S. Securities and Exchange Commission voted three to two to propose a new rule, form and amendments (together, “Proposed Rule”) and published an accompanying release (“Release”)...more
The SEC continues its overhaul of cybersecurity, cyber incident reporting, and privacy controls and requirements for industry registrants, their services providers, and corporate America generally. On March 15, 2023, the SEC...more
Cybersecurity attacks, such as malware, phishing emails, and password attacks, are a growing threat to patients and medical practices. Cyber attacks can significantly disrupt patient care, including by exposing confidential...more
On March 15, 2023, the Securities and Exchange Commission (“SEC”) issued three releases proposing (i) amendments to Regulation S-P (“Regulation S-P Proposal”)1, (ii) amendments to Regulation SCI (“Regulation SCI Proposal”)2,...more