Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
Work This Way: A Labor & Employment Law Podcast | Episode 48: Opportunities & Risks with Artificial Intelligence in HR with Chingwei Shieh of GE Power
Handling References and Referrals While Safeguarding Your Business
Healthcare Enterprise Risk Management
Hospice Insights Podcast - Still Number One: Healthcare Fraud Remains Central in DOJ’s White Collar Enforcement Plan
Importance of Compliance Management in times of transition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Law Firm ERGs Under Scrutiny: Navigating Compliance, Risk, and Culture - On Record PR
Your Guide to Dealing with Subpoenas Effectively
Upping Your Game: Harnessing AI to Revolutionize Third-Party Risk Management
The Future of Supply Chains: Chris Andrassy on Using AI to Predict & Prevent Disruptions
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans — Employee Benefits and Executive Compensation Podcast
Podcast: Addressing Patient Complaints About Privacy Violations
London Partner Roberta Downey Wired for Disputes: Tech, Infrastructure, and the New Frontier of Risk
Compliance Amidst a Global Consensus Breakdown
Compliance Tip of the Day: Discipline and Rigor in GTE Internal Controls
Great Women in Compliance: Board Bond - Why Ethics & Compliance Professionals Should Be on Boards and How to Get on One
Daily Compliance News: May 28, 2025, The Moron Premium Edition
Compliance Tip of the Day: What are Internal Controls?
Paul Hastings released its SEC Cyber Incident Disclosure Report today, providing a unique look at how public companies have responded to new incident disclosure requirements. The Securities Exchange Commission (SEC) approved...more
Continuing its controversial and aggressive approaches to cybersecurity, the U.S. Securities and Exchange Commission (SEC) recently charged four current and former public companies for purportedly “materially misleading...more
By now, public companies are generally aware of the cybersecurity rules adopted by the U.S. Securities and Exchange Commission a year ago, requiring public companies to disclose material cybersecurity incidents under Item...more
On June 24, 2024, the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued five new Compliance and Disclosure Interpretations (“C&DIs”) related to the disclosure of “material”...more
The SEC’s Division of Corporation Finance yesterday published five new Compliance and Disclosure Interpretations, or “C&DIs,” all concerning Item 1.05 of Exchange Act Form 8-K, Disclosure of Cybersecurity Incidents....more
Last month, the Director of the Division of Corporation Finance (“Director”) of the Securities and Exchange Commission (“SEC”) issued new guidance regarding disclosures of material cybersecurity incidents via Form 8-K under...more
The Security and Exchange Commission (SEC) Director of the Division of Corporate Finance, Erik Gerding, released a statement on May 21, 2024 that may have regulated entities scratching their heads about compliance and the...more
In a statement yesterday, the Director of the SEC’s Division of Corporation Finance commented on the relatively new Form 8-K Item 1.05 requirement. Last summer when the SEC adopted the final rules relating to cybersecurity...more
Erik Gerding, Director, Division of Corporation Finance, released a statement on the preferred methods to disclose certain cybersecurity incidents. Mr. Gerding noted “The cybersecurity rules that the Commission adopted on...more
In 2023, the U.S. Securities and Exchange Commission (“SEC”) issued its now-fully implemented Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure Rule. The Rule reflects the reality that cybersecurity...more
Recently, in advance of the effective date (December 18, 2023), the Director of the SEC’s Division of Corporation Finance provided additional guidance regarding the final rules relating to cybersecurity incident disclosure...more
The U.S. Securities and Exchange Commission (“SEC”) earlier this year adopted rules requiring public companies to provide enhanced disclosure of material cybersecurity incidents, as well as cybersecurity risk management,...more
On October 30, 2023, the SEC filed charges against SolarWinds Corp. and its chief information security officer (CISO), alleging: ..Failures to disclose known cybersecurity vulnerabilities affecting the company’s “crown...more
The new Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules (Final Rules) adopted by the U.S. Securities and Exchange Commission (SEC) were published in the Federal Register on Aug. 4, 2023, and...more
Following up on our previous report from almost a year ago, the U.S. Securities and Exchange Commission (the “SEC” or “Commission”) has adopted final rules intended to enhance and standardize disclosures regarding...more
The Securities and Exchange Commission (“SEC”) voted on July 26, 2023 to adopt new cybersecurity rules, which are aimed at helping investors better understand the cybersecurity risks associated with public companies by...more
On July 26, 2023, the Securities and Exchange Commission ("SEC"), in a 3-2 vote, adopted rules that will require public companies to make prescribed cybersecurity disclosures.1 The rules are designed to elicit "consistent,...more
The US Securities and Exchange Commission (SEC) adopted on July 26, 2023 final rules and amendments for mandating disclosure regarding cybersecurity risk management, strategy, governance, and incident reporting, including...more
In Short - The Situation: On July 26, 2023, the U.S. Securities and Exchange Commission ("SEC") adopted final rules that significantly alter cybersecurity disclosure obligations for companies. The SEC's final rules adopt...more
On July 26, 2023, the Securities and Exchange Commission (SEC) adopted rules imposing significant new disclosure requirements regarding cybersecurity risk management, strategy and governance and incident reporting by public...more
On July 26, the Securities and Exchange Commission (SEC), by a 3-2 vote, adopted final rules intended to enhance public companies’ disclosures regarding (1) cybersecurity incidents through a new required current report item...more
In a 3-2 vote, the Securities and Exchange Commission (SEC) adopted new cybersecurity rules yesterday (July 26, 2023) applicable to public companies. The rules, which will become effective thirty days after publication in...more
THE SEC’S RULE PROPOSALS AIM TO ASSIST INVESTORS - On March 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed new rules “to enhance and standardize disclosures regarding cybersecurity risk management,...more
The U.S. Securities and Exchange Commission (SEC) has launched a stunning salvo across the bows of public companies with its announcement of civil monetary penalties and a cease-and-desist order against First American...more