Steps Your Nonprofit Can Take to Mitigate Fraud Risks - Part 2
A Third Party's Perspective on Third Party Risk
Implications of the SEC Cybersecurity Disclosure Rule
Privacy Issues from Third-Party Website Tags
What's the Tea in L&E? Employee Devices: What is #NSFW?
Preparing for a Government Healthcare Audit
Tackling Credit Push Fraud: Understanding Nacha's Risk Management Package (Part Two) — Payments Pros: The Payments Law Podcast
Compliance into The Weeds: The Complexity of Risk Assessments
Behavioral Health Compliance
The Importance of Assessment Areas
RegFi Episode 8: The Technological Path to Outcomes-Based Regulation with Matt Van Buskirk
What Physicians Need to Understand About Balance Billing
What Nonprofit Board Leadership Needs To Know About Internal Investigations
Taking a Behavioral Approach to Compliance
Episode 291 -- Interview of Mary Shirley on Her New Compliance Book
ChatGPT Risks for Compliance Programs
Season 2 Episode 3 - The Role of Ethics and Compliance Programs in International Business
In the Boardroom With Resnick and Fuller - Episode 4
What Non-Financial Institutions Need to Know About Gramm-Leach-Bliley
"Board-er" Patrol in Privacy and Cyberattacks - Unauthorized Access Podcast
Over the past several years, the number of states with comprehensive consumer data privacy laws has increased exponentially from just a handful—California, Colorado, Virginia, Connecticut, and Utah—to up to twenty by some...more
The recent $30 million settlement between 23andMe and 6.4 million users following a major data breach offers important lessons for businesses dealing with sensitive genetic and genomic information....more
Something keeping you up at night? It just might be the data risks hiding in your e-discovery process. Join us for an in-depth webinar on "Uncovering E-Discovery Data Risks: How to Identify and Mitigate Hidden Threats Before...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
Typically, we beat the drum of the need to prepare for a data incident—anything from a full-blown ransomware attack to an employee accidently sharing data with the wrong person—by having your Incident Response Plan developed...more
In this day and age, data privacy is a hot topic. Many Americans believe their personal data is less secure now than ever and that data collection poses more risks than benefits. For this reason, among others, businesses must...more
The Federal Trade Commission updated its “Standards for Safeguarding Customer Information” (“Safeguards Rule”) and extended the compliance deadline to June 9, 2023. Some entities still may be wondering – “Do these regulations...more
Following the SolarWinds and the Colonial Pipeline cyberattacks, the Biden Administration emphasized a shift toward mandatory cybersecurity requirements. Throughout 2021, government agencies issued new cybersecurity guidance,...more
Benefit plan sponsors and plan fiduciaries should take note and act quickly—the Department of Labor (DOL) has issued a new cybersecurity guidance package with far-reaching effects and has already begun including this in its...more
Lawyers handle tremendous amounts of sensitive information every day: their clients’ personal data, including both personally identifiable information (PII) and protected health information (PHI), intellectual property, trade...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
The Federal Data Protection and Information Commissioner (FDPIC) has determined that the Swiss-United States Privacy Shield does not provide an adequate level of data protection for data transfers from Switzerland to the U.S....more
The New York Department of Financial Services (NYDFS) has launched its first enforcement action under New York’s Cybersecurity law for financial services, so-called Part 500. Part 500 requires NYDFS licensed institutions to...more
Today’s organizations are faced with the overwhelming challenge of managing, finding, and leveraging their information. On average, organizations use 88 applications to power their workforce, a 21% increase from just three...more
On July 21, 2020, the New York Department of Financial Services (NYDFS) announced that it had filed its first enforcement action under 23 NYCRR 500 (the “Cybersecurity Regulation”) against First American Title Insurance (the...more
New and comprehensive privacy and cyber regulations continue to proliferate across the globe. These are not your father’s data breach notification laws. The scope of information included within these mandates has expanded...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
Now that the CCPA is in effect, some companies will need to revise their policies. The cyber insurance markets are beginning to adapt to the new California Consumer Privacy Act (CCPA) which went into effect on January 1. ...more
Effective as of January 1, 2020, the California Consumer Privacy Act (CCPA) gives broad rights to people on their personal data in the custody of companies. This focus on data rights significantly raises the compliance burden...more
The California Consumer Privacy Act (CCPA) took effect on New Year’s Day. California is the first state in the union to create a data privacy law for its residents. Other states will follow soon. For compliance purposes,...more
January 1, 2020, opens both a new decade and a new landscape in privacy regulation in the United States. On that day, the California Consumer Privacy Act, or CCPA, is set to become effective. The law will be the first of its...more
Since the first enforcement actions have been initiated, some with significant fines, many companies may find themselves somewhat at a loss as they may not fully know how to assess the risks involved and how to react should...more
The California Consumer Protection Act (CCPA) is scheduled to take effect on January 1, 2020. In recent days: - The Governor of California signed into law seven CCPA amendments, - The California Attorney General...more