Episode 373 -- Christian Focacci on Current Developments in AI and Risk Management
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
Work This Way: A Labor & Employment Law Podcast | Episode 48: Opportunities & Risks with Artificial Intelligence in HR with Chingwei Shieh of GE Power
Handling References and Referrals While Safeguarding Your Business
Healthcare Enterprise Risk Management
Hospice Insights Podcast - Still Number One: Healthcare Fraud Remains Central in DOJ’s White Collar Enforcement Plan
Importance of Compliance Management in times of transition
AI on the Job: How to Stay Ahead of Employment and Data Privacy Risks
Law Firm ERGs Under Scrutiny: Navigating Compliance, Risk, and Culture - On Record PR
Your Guide to Dealing with Subpoenas Effectively
Upping Your Game: Harnessing AI to Revolutionize Third-Party Risk Management
The Future of Supply Chains: Chris Andrassy on Using AI to Predict & Prevent Disruptions
Navigating Legal Strategies for Covering GLP-1s in Self-Insured Medical Plans — Employee Benefits and Executive Compensation Podcast
Podcast: Addressing Patient Complaints About Privacy Violations
London Partner Roberta Downey Wired for Disputes: Tech, Infrastructure, and the New Frontier of Risk
Compliance Amidst a Global Consensus Breakdown
Compliance Tip of the Day: Discipline and Rigor in GTE Internal Controls
Great Women in Compliance: Board Bond - Why Ethics & Compliance Professionals Should Be on Boards and How to Get on One
Daily Compliance News: May 28, 2025, The Moron Premium Edition
The FAR Council issued a proposed rule that would amend the several FAR provisions and add new clauses to provide guidance on the safe handling of CUI. Public comments on the proposed rule are being accepted until March 17,...more
The HIPAA Security Rule was originally promulgated over 20 years ago. While it historically provided an important regulatory floor for securing electronic protected health information, the Security Rule’s lack of...more
On January 15, 2025, the Federal Acquisition Regulatory (FAR) Council issued a proposed rule that, if adopted, would uniformly define and protect Controlled Unclassified Information (CUI) across the government. The proposed...more
On December 27, 2024, the U.S. Department of Health and Human Services (HHS), through the Office for Civil Rights (OCR), announced a Notice of Proposed Rulemaking (NPRM) to amend the Security Standards for the Protection of...more
On January 15, 2025, the Department of Defense (DOD), General Services Administration (GSA), and the National Aeronautics and Space Administration (NASA) (collectively, “the FAR Council”) issued a long-anticipated proposed...more
The US Department of Health and Human Services (HHS) on January 6, 2025 issued a notice of proposed rulemaking (NPRM) seeking feedback on proposed updates to the Security Standards for the Protection of Electronic Protected...more
After years of anticipation, the Federal Acquisition Regulation (FAR) Council has announced the arrival of its proposed rule to enhance the safeguarding of Controlled Unclassified Information (CUI) in federal contracts (the...more
The U.S. Department of Health and Human Services (HHS) recently released a proposed rule to better protect electronic health data from cybersecurity threats. The proposed rule would apply to health plans, healthcare...more
On January 6, 2025, the U.S. Department of Health and Human Services (“DHHS”) Office of Civil Rights (“OCR”) published a proposed rule entitled, “HIPAA Security Rule to Strengthen the Cybersecurity of Electronic Health...more
For more than 20 years, the HIPAA Security Rule has been virtually unchanged other than extending its scope beyond covered entities to also include business associates. During that time, technology has changed, cybersecurity...more
The HIPAA Security Rule may soon undergo a big overhaul that would better defend healthcare data from cybersecurity threats – and require much more from covered entities when it comes to establishing and maintaining defenses....more
Government agencies at the state and federal levels are increasingly training their sights on the cybersecurity resiliency of companies in an array of industries. The US Securities and Exchange Commission has proposed rules...more
The New York Department of Financial Services (“DFS”) has proposed rule changes to increase cyber compliance requirements. DFS has been the leading regulatory force in the cybersecurity industry. ...more
Late last month the Securities and Exchange Commission (“SEC”) charged JP Morgan, UBS and Trade Station with violations of Regulation S-ID based on a range of inadequacies in their identity theft red flag policies and...more
The first half of 2022 brought plenty of activity in the data privacy and cybersecurity space, much of which is applicable to or of interest to the insurance industry. We outline some of this activity below. Revisions to...more
The US Securities and Exchange Commission (SEC) recently proposed a comprehensive framework of cybersecurity-related rules and amendments for investment advisers and investment companies. Although advisers and funds may have...more
On February 9, the SEC proposed new cybersecurity risk management regulations for investment advisers, registered investment companies (funds), and business development companies....more
New Rules, Proposed Rules, Guidance and Alerts – SEC STAFF GUIDANCE AND ALERTS - SEC Staff Issues Guidance on Cryptocurrency-related Holdings - On January 18, 2018, the staff of the SEC’s Division of Investment...more