Compliance Tip of the Day: Leveraging AI for Real-Time Third-Party Risk Management
Episode 365 -- Four Sanctions Cases Everyone Should Know
The Privacy Insider Podcast Episode 12: Compliance Is Good Business: Getting Beyond Fines with Tom Fox of Compliance Podcast Network
Bar Exam Toolbox Podcast Episode 296: Listen and Learn -- Third-Party Rights in Contracts (Part 1 - Rules)
Corporate Use of Third-Party Artificial Intelligence (AI) Tools
One Month to More Effective Written Standards: Day 17 – Policies for Third-Parties
Third Party Observation in Patent Prosecution in China
Consumer Finance Monitor Podcast Episode: Recent Federal and State Debt Collection Developments
Thobekile Cynthia Khumalo on Third Party Due Diligence
Protecting Trade Secrets When Facing Lawsuits or Alternative Dispute Resolution Procedures
Education Data Privacy and Security Laws: Best Practices for School Districts
Episode 162 -- Jessica Sanderson on How to Conduct a Remote Third Party Audit
VIDEO: Update on Third Party Workers’ Compensation Settlements in Pennsylvania
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
Subro Sense Podcast - Unpacking Product Claims Against Amazon
Business Succession Planning: Strategies for the Transition
E17: Carpenter Decision Builds Up Privacy from #SCOTUS
Day 17 of One Month to More Effective Continuous Improvement-Financial Health Monitoring
Day 6 of One Month to More Effective Continuous Improvement-Data Analytics and the Monitoring of Third Parties
FCPA COMPLIANCE REPORT-EPISODE 337, JAMES GELLERT ON ASSESSING 3RD PARTY FINANCIAL HEALTH FOR COMPLIANCE
HCCA's Healthcare Privacy Compliance Academy is a three-and-a-half-day interactive education program with a focus on the vast body of privacy laws and regulations in place to help you protect PHI and other critical data. Our...more
Recently, we had the opportunity to advise some clients who worked with a third-party vendor that maintained custody of personal information pertaining to our clients’ respective end users. The vendor suffered a data breach...more
Ensure your vendors are crisis-ready by recognizing these key indicators of weak continuity planning. The interconnected nature of modern business means that your vendors’ operational resilience can, and frequently does,...more
Designed for professionals with some compliance knowledge and experience, HCCA’s Healthcare Privacy Compliance Academy is ideal for practitioners who want a deeper understanding of effective compliance management in a...more
Efforts to secure systems and data from a cyberattack often focus on measures such as multifactor authentication (MFA), endpoint monitoring solutions, antivirus protections, and role-based access management controls, and for...more
Ascension Data & Analytics LLC, a data analytics company for the mortgage industry, has entered into a proposed settlement agreement with the Federal Trade Commission (FTC) following allegations that it violated the...more
This blog is the third in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as...more
This blog is the second in a series exploring how organizations can prevent or mitigate the severity of a third-party data breach or cyber exploit by implementing a variety of cybersecurity risk management controls, such as...more
On June 12, 2019 Lightyear Dealer Technologies LLC, a company that provides data storage for many of the nation’s largest auto dealers, stipulated to an Order with the Federal Trade Commission (FTC) resulting from a 2016 data...more
It’s been a tough week for the healthcare industry. Just days after Quest Diagnostics reported a breach at a third-party vendor affecting approximately 11.9 million of its patients, LabCorp disclosed that a breach at the...more
According to reports, bank customers in Australia (yes, data breach notification requirements exist down under) have been affected by “an industry-wide” data breach experienced by a third-party service provider to the banks –...more
Studies about vendor risk related to data security always fascinate me, because conceptually those risks are so similar to the vendor risk challenges corporate compliance officers face with anti-corruption — and yet, the...more
Your company’s computer system has been compromised by a hacker. From your initial investigation, you discover that the hacker has accessed proprietary company information and customer information including Social Security...more
There are several reasons an employer might have employee health information, ranging from the results of a pre-employment physical to the contents of a request for FMLA leave to what’s written in a health provider’s note...more
On October 6, 2015, California Governor Jerry Brown signed into law several changes to California’s Data Breach Notification Statute. The law, as amended, adds additional categories of information into the definition of...more
A registered investment adviser agreed to settle SEC charges that it failed to adopt adequate cybersecurity policies and procedures reasonably designed to protect customer records and information as required by Rule 30(a) of...more
On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation...more
On September 15, 2015, the Security and Exchange Commission’s Office of Compliance Inspections and Examinations (“OCIE”) issued a Risk Alert to provide additional information on the areas of focus for its second round of...more
Second Round of Cybersecurity Examinations to Begin - On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing a...more
With headlines every day announcing another release of Protected Health Information (PHI), providers are asking themselves – is there a way to protect against these breaches? Beyond improving the security of large...more
Companies are reminded of the need for strong internal controls. The US Securities and Exchange Commission (SEC) and the Department of Justice (DOJ) recently filed civil and criminal actions in the largest hacking and...more