Managing Sanctions Compliance
Regulatory Ramblings: Episode 68 - Why Geopolitical Risk Matters to Compliance and Legal Staff with Mark Nuttal and Chad Olsen
FCPA Compliance Report: Amanda Carty on a Due Diligence and Risk Management
Episode 364 -- Five Strategies to Mitigate a New Risk Environment
Strengthening Compliance: Lessons From the OCC's Consent Order With Patriot Bank — Payments Pros – The Payments Law Podcast
Compliance and AI: Ali Khan on Implementing AI Risk Management Systems
Compliance Tip of the Day: Superforecasting
Compliance Tip of the Day: The Last Mile
Key Takeaways From the OIG's New Compliance Guidance for Nursing Facilities — Assisted Living and the Law Podcast
Envisioning a Compliant Workforce
Updating the Research Compliance Handbook
The Election's Impact on the FTC Will Bring Big Changes, But Being Vigilant Must Remain a Priority
Navigating the NYDFS' Cybersecurity Guidance on AI — The Consumer Finance Podcast
The Future of AI Regulation and Legislation: 5 Key Takeaways
Investigations and Cognitive Interviews
Fraud Prevention Techniques for Nonprofit Organizations - Part 3
Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
The order prioritizes extensive policy reviews, the introduction of a National Resilience Strategy and National Risk Register, and increased reliance on state and local governments to strengthen national infrastructure....more
On October 2, 2024, New York adopted new regulations requiring general hospitals to implement heightened cybersecurity safeguards. General hospitals, as defined in Article 28 of the NY Public Health Law, generally must begin...more
On November 13, 2023, Governor Kathy Hochul announced plans to regulate cybersecurity for New York general hospitals regulated under Article 28 of the Public Health Law. As proposed, the regulations will provide an additional...more
In the 1970’s, a series of tests of community water systems across the country led to some disturbing findings; varied standards of water containment, transmission, and handling were resulting in substantial health risks to...more
Operational resilience can be considered as the capability of an organization to deliver all critical business processes in the face of disrupting events. This can be particularly tricky to achieve in an ever changing and...more
EPA Aims to Mitigate Risk of Cyberattack on Public Water Systems On March 3, 2023, the U.S. Environmental Protection Agency (EPA) issued its Memorandum Addressing Public Water System (PWS) Cybersecurity in Sanitary Surveys or...more
At its open monthly meeting on March 16, 2023, the Federal Energy Regulatory Commission (FERC) approved a new cybersecurity standard proposed by the North American Electric Reliability Corporation (NERC) to address the supply...more
On October 29, 2021, the Cyberspace Administration of China (“CAC”) published the Security Assessment Measures of Data Cross-border Transfer (Draft for Comments) (the “New Draft Measures”) for public comments. The New...more
The new Data Security Law, together with the Cybersecurity Law (effective since June 1, 2017) and the Personal Information Protection Law (which is expected to be formally published later this year) will serve as the three...more
With the rapid pace of innovation and deployment of intelligent transportation systems (ITS) to enhance existing transportation infrastructure, transportation officials frequently procure and manage sophisticated systems that...more
In the December post Systemic Cyber Risks And The Internet of Things, we wrote about the increasing risk of cyber attacks on infrastructure and consumer products, and related insurance issues. We noted in that post that,...more
Cyber risk insurers are doing a brisk business these days. Reports of data breaches abound, and risk managers are understandably looking to offload some of the risk through insurance. As a result, insurers are issuing new...more
On February 12, 2013, President Obama signed both an executive order and a presidential directive that together set forth the administration’s approach to two key cybersecurity related issues: (i) regulating critical...more