Implications of the SEC Cybersecurity Disclosure Rule
Healthcare Document Retention
Vicky Hanks of Blake Morgan on Building an Effective Employee Brand - Passle's CMO Series Podcast
Behavioral Health Compliance
Conducting Healthcare Compliance Investigations
Navigating the Storm: Crisis Management in the Workplace — Hiring to Firing Podcast
Episode 299 -- Bobby Butler on the Compliance Profession and the Future of Compliance
Compliance Auditing & Monitoring
Web-based Tracking Technology and AI: HIPAA Compliance Issues for Health Care Practices
PODCAST: Williams Mullen's Benefits Companion - SECURE 2.0 Act Relief for Plan Corrections
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Compliance with the New EU-US Data Privacy Framework
Compliant Business Communications Through Messaging Apps
Interactive Compliance Policies
GILTI Conscience Podcast | Tax Insurance 101
Consumer Finance Monitor Podcast Episode: A Look at the Treasury Department’s April 2023 Report on Decentralized Finance or “DeFi”
Personal Devices and Messaging: Evolving Compliance Concerns and Best Practices
#WorkforceWednesday: What the End of the COVID-19 Public Health Emergency Means for Employers - Employment Law This Week®
What’s the Tea in L&E? Is There Such a Thing as a Purely Verbal Counseling?
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
On May 15, 2024, the Securities and Exchange Commission (the “SEC”) issued final amendments (the “Amendments”) to Regulation S-P (originally adopted in 2000), which governs the treatment of a customer’s nonpublic personal...more
Friendly reminder – the Washington My Health My Data Act (“WMHMDA”) compliance deadline for regulated entities to post their consumer health data privacy policy is March 31, 2024 (June 30, 2024 for small businesses). A...more
I recently had the chance to visit with Jonathan Armstrong on a recent data breach case that occurred in the health service provider NHS Lanarkshire (Scotland) during the COVID-19 pandemic. This breach serves as a stark...more
On June 21, the Department of Homeland Security (DHS) published a final rule to implement security measures that safeguard controlled unclassified information (CUI) from unauthorized access and disclosure and improve incident...more
In some respects, assuring compliance with HIPAA has always been a challenge because many health care providers, particularly physicians, pride themselves on maintaining patient confidentiality—even when they aren’t. Nurses,...more
The Federal Trade Commission will have its eye on privacy and data security enforcement in 2023. In August, the agency announced that it is exploring ways to crack down on lax data security practices. In the announcement,...more
By January 31, 2023, general acute care hospitals, clinical labs and certain physician organizations and medical groups in California are required to enter into the Single Data Sharing Agreement (DSA) to participate in the...more
In a recent Securities and Exchange Commission (“SEC”) enforcement action, the SEC concluded that a registered broker-dealer and investment adviser (the “Firm”) violated Rule 30 of Regulation S-P by failing to adopt...more
With the threat of cyber-attacks making the news, it is a good time for all non-profit organizations to review their policies and procedures with respect to data privacy. Many non-profit organizations are particularly...more
Hybrid work is likely here to say, and, as Sheila Limmroth, privacy specialist at DCH Health System, and the author of the chapter Hybrid Work Environment in the Complete Healthcare Compliance Manual observes in this...more
The European Union’s General Data Protection Regulation (GDPR) first launched the concept of data minimization, which states that a data controller should limit the collection of personal information to what is directly...more
Started in Europe in 2007, Data Privacy Day, or Data Protection Day as it is known internationally, is an international effort that takes place annually on January 28 to create awareness of the importance of data privacy. In...more
Though it was not long ago that resolutions of California Consumer Privacy Act (CCPA) readiness ushered in the new year, ‘tis the season once again to deck the halls with privacy compliance checklists. Retailers doing...more
This past summer’s string of cyber enforcement actions signals that cybersecurity has become a top priority for the US Securities and Exchange Commission (“SEC”). This focus is consistent with the SEC’s Division of...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
On August 30, 2021, the Securities and Exchange Commission announced three enforcement actions against registered investment advisers for alleged cybersecurity failures involving cloud-based email systems. All three actions...more
NGE Corporate & Securities partner Michael Gray recently interviewed Data Privacy & Information Governance partner David Wheeler about the cybersecurity needs for small and emerging companies. The discussion focused on the...more
While more states push forward on new privacy legislation statutorily granting consumers the right to litigate control of their personal information, federal courts continue to ponder how data breach injury fits traditional...more
Given the challenges of conducting clinical trials during the COVID-19 pandemic, many countries — including France — have allowed for some use of remote quality controls. In response to guidelines issued recently by European...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
In McFarlane v. Altice USA, Inc., a recent decision out of the Southern District of New York, a class of plaintiffs successfully established standing and stated a plausible claim for breach of implied contract based on a data...more
...Just when we were getting used to the idea of the California Consumer Privacy Act (CCPA), a new law was passed in November 2020, which will supercede it. Fortunately, there is time to prepare since the California Privacy...more
We are all facing new challenges in this pandemic, including the shift to and growth of remote work. Meanwhile, we also have to contend with the increased volume of attempted cyberattacks. Despite the distraction of the...more
On August 12, 2020, the SEC Office of Compliance Inspections and Examinations (OCIE) published a Risk Alert that identifies potential issues related to the COVID-19 pandemic for SEC-registered investment advisers and...more