Podcast - Innovations and Insights in the Palliative Care Space
Tariffs and Trade Series: What Investors Need to Know
Managing Sanctions Compliance
Tariffs and Trade Series: What Senior Management Teams Need to Know
No Password Required: CEO of HACKERverse.ai, Disruptor of Cybersecurity Sales and Most Other Things
Compliance Tip of the Day: Multiplying the Influence of Compliance
Daily Compliance News: May 13, 2025, The Leaving on a Jet Plane Edition
Compliance tip of the Day: Communication Through Persuasion
FCPA Compliance Report: Upping Your Game in Compliance
Episode 368 — LRN Issues New Report Highlighting Growing Gap in Compliance Program Performance
Compliance Tip of the Day: Empowering Middle Managers to Drive Compliance Transformation
Creativity and Compliance: From Compliance Enforcers to Trusted Advisors: The Path Forward
Top Healthcare Compliance Priorities for 2025
Compliance Tip of the Day: Middle Managers as the Eyes and Ears of Compliance
ADA Compliance for Medical and Dental Practices: Responding to Inquiries and Investigations
Innovation in Compliance: Exploring the Intersection of Compliance, Technology, and AI with Ben Sperry
What Every Law Firm Leader Can Learn from Law Day and the Perkins Coie Ruling: On Record PR
Compliance Tip of the Day: Elevating Compliance Through Connected Middle Managers
Compliance into the Weeds: USRA Declination Case Study - Self-Disclosure Best Practices
Compliance Tip of the Day: Middle Managers as Ethical Cornerstones
The 2024 CrowdStrike outage and the ransomware attack on NHS partner Synnovis hit mainstream news and highlighted the fragility of ICT supply chains and the risks posed by cyber incidents....more
As the digital landscape evolves, so do the threats that accompany it. The rise of artificial intelligence (AI) has fundamentally transformed the nature of cybercrime, enabling attackers to execute more sophisticated and...more
Cyberattacks are affecting every company and sector. Meanwhile, the regulatory landscape is intensifying as the SEC continues to enforce the cyber-risk management disclosure rules. Every day presents a new compliance and...more
Paul Hastings released its SEC Cyber Incident Disclosure Report today, providing a unique look at how public companies have responded to new incident disclosure requirements. The Securities Exchange Commission (SEC) approved...more
Cyber issues are seldom out of the news, from ransomware attacks and espionage to non-malicious outages that cause widespread concern. Organizations need to protect themselves against both current and future risks and...more
In this era of big data, smart devices, and constant connectivity, the clock's already ticking on your next data breach – it's just a matter of time. For companies of all sizes and across every industry, the stakes have never...more
Cyber regulation is changing in Australia. As governments globally grapple with the everchanging and increasingly challenging cyber landscape, Australia is poised to implement new laws and update existing regulation in order...more
The Securities and Exchange Commission (the “SEC”) has issued five compliance and disclosure interpretations related to the disclosure of material cybersecurity incidents under Item 1.05 of Form 8-K....more
On June 24, 2024, the SEC issued five new Compliance & Disclosure Interpretations (C&DIs) relating to the materiality assessment and disclosure requirements of material cybersecurity incidents under Item 1.05 of Form 8-K....more
On June 24, 2024, the Division of Corporation Finance (“Corp Fin”) of the Securities and Exchange Commission (“SEC”) issued five new Compliance and Disclosure Interpretations (“C&DIs”) related to the disclosure of “material”...more
Kennedys and Booz Allen Hamilton are delighted to invite you to our 3 hour webinar on Thursday, June 27, 2024. This half-day seminar features three presentations: Clear and present danger, In the war room, and The fallout....more
A significant shift in cybersecurity compliance is on the horizon, and businesses need to prepare. Starting in 2024, organizations will face new requirements to report cybersecurity incidents and ransomware payments to the...more
Cyberhackers—potentially frustrated by their limited ability to extort ransom from health care entities in attacks—have started extorting the patients themselves, threatening them with the release of information or...more
The Cybersecurity and Infrastructure Agency (CISA) is seeking comment on a proposed rule to implement reporting requirements for critical infrastructure entities, including health care entities, on cyberattacks and ransomware...more
Most businesses in the United States will have to file incident reports—including for ransomware payments—under the Proposed Rule. The Department of Homeland Security has the authority to issue subpoenas and even penalties...more
When negotiating technology or data services contracts, businesses of all sizes and industries are now spending more time and attention on privacy controls. The increasing prevalence of comprehensive U.S. state privacy laws...more
Report on Patient Privacy 23, no. 11 (November, 2023) Tim DiBona clearly remembers Christmas Eve 2018 when the staff of his small firm—Doctors’ Management Service (DMS)—arrived at their West Bridgewater, Mass., office to...more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
Ransomware trends – specifically related to frequency, cost, and payout – should no longer surprise us. We depend on technology more and more, integrating it into every aspect of our lives. As for data management, there is...more
There are so many factors that go into breach response. Determining the size of the breach, time limitations, legal requirements, notification needs, urgency for containment, and interrupted business operations are just a...more
On July 26, 2023, the Securities and Exchange Commission (SEC) implemented new cybersecurity rules to require disclosure of material cybersecurity incidents within four business days, with limited exceptions. Additionally,...more
Hackerangriffe, Datendiebstahl, Ransomware, Datenpannen und sonstige Cybersecurity Incidents werden immer mehr zu einem zentralen Unternehmensrisiko. Dabei wird oft übersehen, dass dieses Thema nicht nur in technischer,...more
Given recent regulatory activity and sentiments, companies must take an active role in maturing their cybersecurity programs so that they robustly counter potential risk. Current and future regulator activity, rulemaking, and...more
Crises and uncertainty are inevitable forces in modern business, particularly in cyber and digital. General counsels and legal risk executives are well suited to lead preparedness and resiliency for future crises, uniting key...more
The first half of 2022 brought plenty of activity in the data privacy and cybersecurity space, much of which is applicable to or of interest to the insurance industry. We outline some of this activity below. Revisions to...more