News & Analysis as of

Security Risk Assessments

Use This Checklist to Assess Your Cybersecurity Preparedness

by Steptoe & Johnson PLLC on

When was the last time your organization did an assessment of its cybersecurity preparedness? October was designated as Cybersecurity Awareness Month. Even though October is coming to a close, it is important to continue your...more

SEC’s Most Recent Cybersecurity Move: What Registered Investment Advisors Need to Know

by Polsinelli on

As public concern over data security grows in the wake of the Equifax data breach, the U.S. Securities and Exchange Commission (SEC) is increasing its scrutiny of registered investment advisors (RIAs). In turn, RIAs should...more

Pros and Cons of Hiring a Security Rating Agency

by Patrick Law Group, LLC on

One can hardly check out any news outlet today without reading or hearing about a security breach. Experts frequently advocate performing internal assessments to identify security weaknesses. Commentators tout the...more

China's New Cybersecurity Law Brings Enforcement Crackdown

by Jones Day on

The Situation: Earlier this year, the People's Republic of China enacted its Cybersecurity Law, which granted authorities broad, explicit powers to monitor and investigate activities falling under its purview, along with the...more

Cleared for Departure: Pre-trip Planning Focused on Risk for Executives and HNW Individuals

Whether for work or pleasure, international travel today poses a series of unique threats, especially for executives and high-net-worth individuals. Being well informed about the region and country you will be...more

SEC’s Cybersecurity Risk Alert Reflects Advisory Firms are Gambling with Your Data

by Burr & Forman on

In August 2017, the SEC’s Office of Compliance Inspections and Examinations issued a Cybersecurity risk alert directed at financial advisory firms. As part of the SEC’s 2014 Cybersecurity Initiative, seventy-five firms,...more

Before You Hit “Send”: Ensuring Your Attorney-Client Emails Comply with the new ABA Guidance

by Patrick Law Group, LLC on

Today’s attorneys rely heavily on technology to communicate with clients, especially email. At the same time, given the sensitive nature of many attorney-client communications and the potential windfall to anyone who...more

Terrorist Attacks: The importance of adequate security measures at hotels

by Hogan Lovells on

Hotels are targets for terrorists due to the likely presence of foreign tourists and the consequent possibility of impacting multiple nations with one attack. We blogged...more

HHS Gets Agressive: HIPAA Audits from 2016

by Kiesewetter Law Firm on

HHS has become more aggressive with audits, and with increased penalties, covered entities and business associates simply cannot afford an audit on HIPAA rules and regulations. In March of 2016, HHS's Office for Civil Rights...more

SEC Examination Priorities for 2017 – What do Robots, Senior Investors, and Payment for Order Flow Have in Common?

This week, the SEC’s Office of Compliance Inspections and Examinations (OCIE) released its Examination Priorities for 2017 that reflects certain practices, products, and services that OCIE perceives to present potentially...more

Federal Court Rules that FEC Cybersecurity Study is Exempt from FOIA Disclosure

Last week, a D.C. federal judge ruled that an investigative reporter was not entitled to a 2014 cybersecurity study performed by an outside vendor detailing vulnerabilities in the Federal Election Commission’s information...more

More on HIPAA Audits for 2016 and 2017–Desk Audits and On-Site Audits

As part of the ongoing HHS OCR HIPAA audit initiative, it is conducting “HIPAA desk audits.” These audits don’t involve auditors coming in your facility. Instead, covered entities are being asked to submit documents on...more

HIPAA Compliance – Not Just an Issue for Health Care Providers

by Dechert LLP on

Many people believe that compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) is solely an issue for health care providers and their affiliates. However, nothing could be further from the...more

HIPAA Phase 2 Audits: What Has OCR Requested from Auditees to Date?

by Alston & Bird on

In our April 8, 2016, advisory, we discussed the U.S. Department of Health and Human Services’ (HHS) Office of Civil Rights (OCR) “Phase 2” audit program. Then, we could only make educated guesses about what documents OCR...more

HIPAA Compliance Is a Health Care Entity’s Secret Weapon in Preventing and Combating Ransomware Attacks

One of the fastest growing areas of cybercrime is ransomware. Ransomware is a type of malicious software that encrypts data and makes it inaccessible to authorized users. The hackers who orchestrate ransomware attacks demand...more

Boosts in Ransomware Attacks Spark Multiple Government Agency Responses

by Reed Smith on

Following a recent U.S. government interagency report indicating that, on average, there has been an alarming 300 percent spike in daily ransomware attacks since early 2016 as compared with 2015, the U.S. Department of Health...more

HHS: Ransomware Attacks Likely HIPAA Breaches In Absence of Encryption

On July 11, 2016, the U.S. Department of Health & Human Services (HHS) issued a Fact Sheet that provides guidance on (i) how HIPAA Security Rule compliance can assist health care organizations combat ransomware attacks, and...more

OCR Begins HIPAA Phase 2 Audits

by Morgan Lewis on

What covered entities and business associates can do to prepare for the next round of audits. On July 11, the HIPAA Phase 2 audits commenced when 167 covered entities received notice of a desk audit from the Department...more

“Your Money or Your PHI”: OCR Releases Guidance on Ransomware

On July 11, 2016, the Office for Civil Rights (OCR) released important new guidance on ransomware for hospitals and other healthcare providers and finally addressed the question of whether electronic protected health...more

Business Associate Settles HIPAA Investigation for $650,000

by Lathrop Gage on

The U.S. Office for Civil Rights (OCR), the agency responsible for enforcing the HIPAA Privacy and Security rules, has just sent a strong message that business associates are not immune from scrutiny. On June 24, 2016, in a...more

Hotels, Hospitality and Guest Privacy: Six Important Questions to Ask After the Andrews Verdict

Earlier this month, a Nashville jury awarded sportscaster Erin Andrews $55 million after she sued the companies that franchise, own and operate a hotel, alleging that the hotel improperly gave her private information to...more

CFTC Intermediaries to Adopt and Implement Cybersecurity Programs by March 1, 2016

Commencing March 1, 2016, all commodity pool operators, commodity trading advisors, futures commission merchants, retail foreign exchange dealers, investment brokers, major swap participants and swap dealers that are National...more

EU Announces Agreement on New Cybersecurity Directive

by Katten Muchin Rosenman LLP on

On December 7, the European Parliament and the Luxembourg Presidency of the EU Council of Ministers (Council) announced that they have reached agreement on the text of the proposed new EU Cybersecurity Directive (Directive)....more

HIPAA and Text Messaging

by LeClairRyan on

Text messaging is pervasive. Doctors and other health care providers, covered entities, and business associates currently use (and embrace) the technology. Texting is easy, fast and efficient. It doesn’t require a laptop...more

Cybersecurity 2.0: What’s Expected of Federally Regulated Financial Institutions

As federally regulated financial institutions (FRFIs) expand their reliance on technology, employ progressively complicated and interconnected networks and systems, increase their electronic service offerings and collaborate...more

64 Results
|
View per page
Page: of 3
Cybersecurity

"My best business intelligence,
in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.