News & Analysis as of

Third-Party Cybersecurity Compliance

Integreon

DORA Compliance Part 1: Proactively Meeting DORA Supply Chain Resilience Obligations

Introduction to DORA and its Implications - As of Jan. 17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

Foley & Lardner LLP

Key Takeaways: 7th Annual “Let’s Talk Compliance” Conference

Editor’s Note: PYA and Foley & Lardner hosted the 7th Annual “Let’s Talk Compliance” two-day virtual conference on January 23 and 24, 2025. Panelists included Foley attorneys and PYA subject matter experts. The event was...more

Mitratech Holdings, Inc

Red Flags In Your Vendor’s Business Continuity Plan

Ensure your vendors are crisis-ready by recognizing these key indicators of weak continuity planning. The interconnected nature of modern business means that your vendors’ operational resilience can, and frequently does,...more

Lowenstein Sandler LLP

Top AI Risks General Counsels Should Address

Considering the rapid development and deployment of artificial intelligence (AI) in a wide array of applications and business sectors, it can be a daunting task for a company’s General Counsel (GC) to keep pace in identifying...more

Sheppard Mullin Richter & Hampton LLP

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

Foley & Lardner LLP

President Biden Issues Second Cybersecurity Executive Order

In light of recent cyberattacks targeting the federal government and United States supply chains, President Biden’s administration has released an Executive Order (the “Order”) in an attempt to modernize and enhance the...more

KPMG Board Leadership Center (BLC)

Oversight of data-related risks

Oversight of data-related risks: From data governance to GenAI and cybersecurity - While data governance has been a priority for companies for some time, the explosive growth in the use of generative artificial intelligence...more

Barnea Jaffa Lande & Co.

Understanding DORA: An Overview of the Digital Operational Resilience Act

The Digital Operational Resilience Act (DORA) is an EU regulatory framework, aimed at enhancing the financial sector’s ability to withstand and recover from ICT (information and communication technology) disruptions....more

BakerHostetler

FTC Continues Focus on Disclosure of Health Information to Third-Party Technologies

A recently announced settlement with online alcohol addiction treatment service Monument Inc. demonstrates the Federal Trade Commission’s (FTC) continued focus on the use and disclosure of health data. The proposed settlement...more

NAVEX

Compliance & Cybersecurity – Working and Worrying Together About the Intersection of People and Technology

I’m not a cyber expert, but as a compliance professional with accountability for internal investigations of employee and third-party misconduct I’ve had a front row seat to the evolution of risk that has mirrored the mass...more

Jenner & Block

Client Alert: How Regulatory Events of 2023 Should Guide Financial Institutions' New Year's Resolutions for 2024

As consumer-facing financial institutions of all types—from well-established banks to newly-launched fintechs—set their 2024 regulatory compliance goals, they may wonder if their New Year’s resolutions align with those that...more

Holland & Knight LLP

Changing of the Guard? SEC Proposes Significant Amendments to the Safeguards Rule

The SEC continued its recent onslaught of proposed cybersecurity rules in mid-March with three new proposals covering a litany of entities, including investment advisers, broker-dealers, investment companies, clearing...more

Mitchell, Williams, Selig, Gates & Woodyard,...

90 Days Until CPRA Enforcement: A Compliance Roadmap

All businesses – not just those located in California – should be aware of changes to California’s data privacy law. In 2018, California passed the California Consumer Privacy Act (“CCPA”), a first-of-its-kind consumer...more

Dechert LLP

Dechert Cyber Bits - Issue 20

Pelosi Statement Dims the Lights on ADPPA - The prospects for the nation’s first comprehensive data privacy law, the American Data Privacy and Protection Act (the “ADPPA” or the “Bill”), dimmed after House Speaker Nancy...more

American Conference Institute (ACI)

[Virtual Event] U.S. Export & Reexport Compliance For Canadian Operations - January 26th - 27th, 9:00 am - 5:00 pm EST

For a whole decade, ACI’s U.S. Export & Reexport Compliance for Canadian Operations conference continues to stand apart as the only practical, comprehensive event of its kind for the export compliance community in Canada. ...more

Perkins Coie

DoD’s Cybersecurity Rule Will Expand Assessments of Defense Industry to Safeguard Unclassified Information, Raising New...

The U.S. Department of Defense (DoD) has issued a long-awaited interim rule to safeguard unclassified information in the possession of defense contractors by making periodic assessments of a company’s cybersecurity compliance...more

Vedder Price

Investment Services Regulatory Update - August 2017

On August 7, 2017, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert providing a summary of the staff’s observations from sweep exams of broker-dealers, investment advisers and funds...more

Thomas Fox - Compliance Evangelist

Day 17 of One Month to More Effective Continuous Improvement-Financial Health Monitoring

Continuous improvement can take many ways, shapes and forms. Typically, when it comes to third-party risks, a Chief Compliance Officer (CCO) or compliance professional will consider the ownership structure to see if there is...more

King & Spalding

OIG Reports Insufficient Oversight Of HIPAA Compliance

The HHS Office for Civil Rights (OCR) must improve its oversight and enforcement of patient information privacy and security rules by “covered entities” and their business associates under the Health Information Portability...more

Dorsey & Whitney LLP

Anti-Bribery and Corruption Compliance Practices

Compliance Week published its 2014 Anti-Bribery and Corruption Benchmarking Report, a survey of over 180 executives involved in ethics and FCPA compliance and internal audit. The Survey focused on risk, dealing with third...more
