News & Analysis as of

Risk Assessment Data Security

National Association of Insurance Commissioners Issues Insurance Data Security Model Law

• NAIC recently adopted an Insurance Data Security Model Law that follows the risk assessment-based approach of the New York DFS Cybersecurity Regulation. This signals the growing influence of the New York Regulation,...more

The Data Report Episode 14: Zero Day

by Bilzin Sumberg on

Module Four: When It All Goes Wrong (Part III) Once a data breach is discovered there is a limited amount of time to begin assessing, addressing, and eliminating the problem. In this episode of The Data Report, Litigation...more

New York’s Cybersecurity Requirements Pose Multi-Year Compliance Challenges

by McDermott Will & Emery on

New cybersecurity regulations issued by the NYDFS define the nonpublic information they regulate in exceptionally broad terms. This expanded definition of Nonpublic Information will create major challenges for regulated...more

Give Your Customers the Gift of Security

by Perkins Coie on

2017 has reminded us that data security threats continue to evolve and that the stakes for companies can be very high if their data security programs fail to evolve as well. Before the recent announcement of Equifax’s...more

A Little Help From HIPAA

by McGuireWoods LLP on

HIPAA’s Security Rule requires that Covered Entities perform “periodic” Security Risk Assessments. All too often, however, this regulatory obligation is ignored altogether, performed extremely sporadically, or treated as a...more

OCIE Releases Results of Cybersecurity Examination Initiative

On August 7, 2017, the Office of Compliance Inspections and Examinations (OCIE) of the U.S. Securities and Exchange Commission (SEC) released a summary of its observations (the report) from cybersecurity examinations of 75...more

Governors of 38 States Join a Cybersecurity Compact

by Wilson Elser on

On July 16, 2016, the chair of the National Governors Association (NGA), Governor Terry McAuliffe (D-VA), unveiled his 2016-2017 initiative, Meet the Threat: States Confront the Cyber Challenge. Over the past year, the...more

US Companies Create Principles for Cybersecurity Risk Ratings

by BakerHostetler on

On June 20, 2017, the U.S. Chamber of Commerce announced that a consortium of more than two dozen chamber member companies, including prominent big banks, big-box retailers, and technology giants released a set of principles...more

Yet another Target settlement highlights data breach costs

by Thompson Coburn LLP on

In what appears to be the closing act of the saga that is the Target data breach, on May 23 the retailer announced it had reached a settlement agreement with a coalition of 47 states’ attorneys general. Pursuant to the...more

China Cybersecurity Law: Seven Key Points to Ensure You are Compliance Ready for its Launch on 1 June 2017

by Dechert LLP on

China’s Cybersecurity Law comes into force on 1 June 2017. It is a significant piece of legislation impacting all companies operating a network in China. It covers a wide range of activities relating to the cyberspace,...more

Colorado’s Proposed Cybersecurity Rules for Investment Advisers and Broker-Dealers

by Snell & Wilmer on

Colorado has new proposed rules that add cybersecurity requirements for certain entities with Colorado securities licenses. The proposed rules are from the regulatory agency the Division of Securities. It licenses securities...more

New York stiffens data protection regs

by Thompson Coburn LLP on

New York has once again positioned itself as a leader among states by recently implementing one of the most detailed and stringent data security regulations to date. It should come as no surprise that New York is a prime...more

Lessons from OCR HIPAA Settlements - Mobile Device Security Standards

by Ruder Ware on

In the first known case involving a wireless provider, a cardiology service provider agreed to pay a $2.5 million settlement based on the impermissible disclosure of unsecured electronic protected health information (ePHI)....more

"Cybersecurity Trends for Boards of Directors"

Cybersecurity has in recent years become an integral component of a board’s role in risk oversight, but directors often find themselves in unfamiliar territory when it comes to formulating policies and oversight processes...more

Gone Phishin’: Hack Leads to HIPAA Settlement

Earlier this week, the HHS Office for Civil Rights (“OCR”) announced a $400,000 settlement with Metro Community Provider Network (“MCPN”) related to a 2012 HIPAA breach caused by a phishing scam. The phishing scam, carried...more

N.Y.’s New Cybersecurity Regulations: What Financial Services Companies Need to Know

With corporate data security breaches on the rise, the New York State Department of Financial Services (NYDFS) has adopted rules requiring financial institutions to take certain measures to safeguard their data and inform...more

Cybersecurity Threats for Treasury & Payment Management Systems Report Released

Pactera Technologies N.A., Inc. [www.Pactera.com] has released the report “Cybersecurity Threats for Treasury & Payment Management Systems: Six Things you Should Know to Manage Them.” It is easy to understand and pertinent,...more

Rock and a Hard Place: Banks In Search of Compliance Amid Diverging Regulatory Regimes

Last year was the first that national banks and federal savings associations subject to supervision by the Office of the Comptroller of the Currency (“OCC”) were armed with a sense of the agency’s regulatory expectations when...more

Cybersecurity Still Top FINRA Operational Risk

by Carlton Fields on

On January 4, the Financial Industry Regulatory Authority (FINRA) published its annual Regulatory and Examination Priorities Letter providing firms with information about areas FINRA plans to review in 2017 as well as...more

HHS OCR Levies Significant HIPAA Penalties in a Series of Recent Settlements: Covered Entities and Business Associates Alike...

by Arnall Golden Gregory LLP on

Between June and November 2016, the Department of Health and Human Services Office of Civil Rights (HHS OCR) has announced seven high-dollar settlements to resolve alleged violations of the HIPAA privacy, security, and breach...more

New FTC Data Breach Response Guidelines

by Robins Kaplan LLP on

Cybersecurity should always be at the top of any retailer’s priority list—and even more so as the holiday shopping season gets underway. To that end, the Federal Trade Commission’s newly-released Data Breach Response...more

HHS Designates Cloud Service Providers as Business Associates Under HIPAA

by Ballard Spahr LLP on

Cloud service providers that process electronic protected health information (ePHI) are business associates under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), even if the PHI is encrypted and the...more

New York's New Cybersecurity Rules: What Is Required?

by White & Case LLP on

The new cybersecurity rules proposed by the New York State Department of Financial Services require financial services institutions to have extensive cybersecurity protections in place; including cybersecurity programs,...more

Best Practices to Thwart Hackers Using Email to Get Your Money

by Pessin Katz Law, P.A. on

Not a week goes by without some news report of another hacking incident. The industries targeted include large retail stores, restaurants, banks, attorneys, accountants and recently in Maryland, a title company. In...more

Record-Breaking HIPAA Settlement Sends Strong Message to Covered Entities

This month marked the largest HIPAA settlement to-date for a single entity. Advocate Health Care Network (“Advocate”) agreed to pay $5.5 million and adopt a corrective action plan after an investigation by the Department of...more

48 Results
|
View per page
Page: of 2
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.