News & Analysis as of

Compliance Data Protection Cyber Crimes

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Ward and Smith, P.A.

Data Security and National Security: Are You the Weak Link?

Ward and Smith, P.A. on

International cybercrime is not new.  As a business owner in today's interconnected economy, you know all about the need to protect your technology, financial accounts, business operations, and customer data from digital...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2024

Health Care Compliance Association (HCCA) on

23andMe agreed to pay $30 million and provide three years of security monitoring to settle a lawsuit accusing the genetics testing company of failing to protect the privacy of 6.9 million customers whose personal information...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

The Volkov Law Group

Episode 282 -- CISO and CCOs -- The Evolving Partnership

The Volkov Law Group on

If you ask corporate board members and senior executives to list their number one risk (other than financial operations), the answer in today’s risk environment is clear – cybersecurity and data privacy. The rapid elevation...more

Alston & Bird

Incomplete Cybersecurity Compliance Disclosures May Support Fraud Claim Under the False Claims Act, Federal Court Holds

Alston & Bird on

At the heels of a recent Civil Cyber-Fraud Initiative related to cybersecurity practices and the False Claims Act (FCA), a cybersecurity-related FCA case has survived a motion for summary judgment, teeing up a trial to...more

WilmerHale

DOJ Launches “Civil Cyber Fraud Initiative” to Use the False Claims Act to Address Cybersecurity-Related Conduct

WilmerHale on

The US Department of Justice (DOJ) recently announced plans to use the False Claims Act (FCA) to pursue cybersecurity-related fraud by government contractors, subcontractors and grant recipients, including for providing...more

Faegre Drinker Biddle & Reath LLP

SEC Issues New Risk Alert on “Credential Stuffing” Attacks

Faegre Drinker Biddle & Reath LLP on

On September 15, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) issued a Risk Alert highlighting the recent uptick in “credential stuffing” cyber-attacks against SEC-registered investment advisors...more

NAVEX

4 Ways to Protect ePHI Beyond HIPAA Compliance

NAVEX on

Given the choice between credit card data and digital health records, cybercriminals prefer the latter. A stolen credit card can be canceled. Electronic protected health information (ePHI) with its treasure-trove of...more

The Volkov Law Group

Managing Third-Party Vendor Cybersecurity Risks (Part II of III)

The Volkov Law Group on

We all know that businesses rely on a large number of third-party vendors to support their business operations.  Many of these third parties require access to a company’s data and its internal information and technology...more

Perkins Coie

Could a Vendor’s Lax Info Security Ruin Your Holiday Sales? Seven Preventative Steps for Retailers

Perkins Coie on

Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more

Bilzin Sumberg

Alphabet Soup and Data Security

Bilzin Sumberg on

In the span of two days, mobile device users learned of two data breaches that could compromise their personal data. In one, Experian (a credit reporting agency) reported that it was hacked, potentially putting 15 million...more

Orrick, Herrington & Sutcliffe LLP

California Updates its Data Breach Notice Statute (Again)—What You Need to Know

Orrick, Herrington & Sutcliffe LLP on

On October 6, California Governor Jerry Brown signed legislation updating California’s data breach notice statute for the third time in three years.  The news was quickly overshadowed by the CJEU’s decision invalidating the...more

Robinson+Cole Data Privacy + Security Insider

SEC brings first cybersecurity-related enforcement action

Robinson+Cole Data Privacy + Security Insider on

The Securities and Exchange Commission (“SEC”) recently settled its first cybersecurity-related enforcement action against a Missouri based registered investment adviser, R.T. Jones Capital Equities Management, Inc. (the ...more

BakerHostetler

The SEC OCIE Announces Increased Scrutiny of Broker-Dealers’ and Investment Advisers’ Cybersecurity Programs

BakerHostetler on

On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more

Akerman LLP - Health Law Rx

Evolving Litigation of Data Breach Claims

Akerman LLP - Health Law Rx on

An Illinois circuit court judge has dismissed five of six claims in a consolidated class action against Advocate Health and Hospital Corporation arising from a data breach in July 2013. The judge’s dismissal with prejudice...more

The Volkov Law Group

Checking In on Sanctions Enforcement

The Volkov Law Group on

The Department of Treasury’s Office of Foreign Asset Control continues to ramp up sanctions enforcement. Even with the likely relaxation of the Iran and Cuba sanctions, OFAC has been continuing its aggressive enforcement...more

Seyfarth Shaw LLP

OCR Enters into $750,000 Settlement with Physician Practice for HIPAA Violations

Seyfarth Shaw LLP on

On September 2, the Department of Health and Human Services Office of Civil Rights (OCR) announced a settlement with Cancer Care Group, P.C., a thirteen-physician oncology practice in Indiana related to violations of the...more

BakerHostetler

Incident Response Practice Tip: Balance Meeting Breach Notification Deadlines With Securing Your Network

BakerHostetler on

State breach notification statutes are being amended on almost a monthly basis. Several laws have, or will soon have, a mandatory notification deadline for notifying affected individuals after the discovery of the incident....more

Robinson+Cole Data Privacy + Security Insider

Interim rule requires Department of Defense contractors to report cyber breaches

Robinson+Cole Data Privacy + Security Insider on

Companies doing business with the U.S. Department of Defense are facing new requirements for reporting data security breaches and for acquiring cloud computing services. The Interim Rule, effective August 26, 2015, amends the...more

Robins Kaplan LLP

9 Key Provisions of Outsourcing Contracts That Matter

Robins Kaplan LLP on

Outsourcing, whether technical or process-centric, has become an increasingly important component of businesses of all sizes. Handing over the complexity of ever-changing systems that require increasing expertise can often...more

Orrick, Herrington & Sutcliffe LLP

New Guidance for Financial Institution Directors and Officers In Cybersecurity Preparedness

Orrick, Herrington & Sutcliffe LLP on

Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more

Robinson+Cole Data Privacy + Security Insider

Seventh Circuit rules hospital system is not a Consumer Reporting Agency under FCRA

Robinson+Cole Data Privacy + Security Insider on

Is a hospital a “consumer reporting agency”? Can a health care provider be liable under the Fair Credit Reporting Act (FCRA) in the event of a data breach? The Seventh Circuit Court of Appeals recently considered these...more

Holland & Knight LLP

OMB Issues Guidance on Government Contractors’ Cybersecurity Systems

Holland & Knight LLP on

The Office of Management and Budget (OMB) released a draft guidance document on Aug. 11, 2015, titled “Improving Cybersecurity Protection in Federal Acquisitions” (the “OMB Guidance”). The OMB Guidance instructs agencies on...more

23 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide