News & Analysis as of

Compliance Incident Response Plans

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Mitratech Holdings, Inc

5 Challenges in Incident Management (and How to Stay Resilient)

Mitratech Holdings, Inc on

A single outage can spiral into hours of downtime, frustrated customers, and significant revenue loss across your business....more

Mitratech Holdings, Inc

The 2025 TPRM Study: Key Findings and Recommendations

Mitratech Holdings, Inc on

The 2025 Mitratech Third-Party Risk Management (TPRM) Study conveys a clear message: the third-party risk landscape is evolving into a complex, interconnected ecosystem — one where every vendor, supplier, and partner plays a...more

Morris, Manning & Martin, LLP

AI Compliance and Governance for Professional Services Firms

Morris, Manning & Martin, LLP on

Law firms, accounting firms, and consulting firms are embracing AI to improve efficiency, deliver insight, and stay competitive. But without intentional governance, compliance, and policy frameworks, these innovations can...more

Mitratech Holdings, Inc

6 Overlooked Strategies That Strengthen ISO 22301 Compliance

Mitratech Holdings, Inc on

When disruption strikes—be it a cyberattack, supply chain failure, or extreme weather—your systems and team’s ability to respond with speed, clarity, and confidence are tested....more

Baker Botts L.L.P.

Florida Bar Passes Pioneering Cybersecurity Recommendation

Baker Botts L.L.P. on

On March 28, 2025, the Florida Bar unanimously approved Recommendation 25-1, which was proposed by its Cybersecurity & Privacy Law Committee and encourages all Florida Bar members and their firms to adopt certain proactive...more

Mitratech Holdings, Inc

IT/DR Plan Spring Cleaning: How to Replace Outdated Policies

Mitratech Holdings, Inc on

Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more

DLA Piper

CHINA: Mandatory Data Protection Compliance Audits from 1 May 2025

DLA Piper on

Chinese data regulators are intensifying their focus on the data protection compliance audit obligations under the Personal Information Protection Law (“PIPL“), with the release of the Administrative Measures for Personal...more

Mitratech Holdings, Inc

IT Incident Management Simplified: 5 Strategies for Effective Recovery

Mitratech Holdings, Inc on

Feel confident tackling any threat with a unified incident management approach that integrates roles, communication, and recovery tasks. Small and medium-sized organizations without a disaster recovery plan are 40% more...more

Sheppard Mullin Richter & Hampton LLP

Looking Beyond FedRAMP – Lessons from the U.S. Treasury Cybersecurity Incident

Sheppard Mullin Richter & Hampton LLP on

In the ever-evolving world of cybersecurity, even organizations that meet stringent security standards can be victims of sophisticated cyberattacks. A notable example of this is the December 8, 2024 cybersecurity incident...more

Woods Rogers

FAR Council Publishes Proposed Rule Imposing New Security Requirements on Contractors Handling CUI

Woods Rogers on

On January 15, 2025, the Federal Acquisition Regulatory Council published a proposed rule (the FAR CUI Rule) that would amend the Federal Acquisition Regulation (FAR) to impose government-wide cybersecurity, training, and...more

Jackson Lewis P.C.

FAQs for Schools and Persons Affected By the PowerSchool Data Breach

Jackson Lewis P.C. on

A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more

Constangy, Brooks, Smith & Prophete, LLP

Who needs a WISP, and why?

Constangy, Brooks, Smith & Prophete, LLP on

A Written Information Security Plan, or “WISP,” is essential for any organization that handles sensitive personal information. Here’s a quick breakdown of who needs a WISP and why, as well as a checklist to develop one:...more

NAVEX

Sneak Peek: Top 10 Trends in Risk and Compliance 2025 – Rising Temperatures and Workplace Violence

NAVEX on

As 2025 approaches, compliance and risk management professionals must stay vigilant amidst escalating workplace challenges. Among the Top 10 Trends in Risk and Compliance for the upcoming year, two critical issues – rising...more

BakerHostetler

A New Budgetary Line Item for 2025 - New York-based Hospitals Should Plan Now for the Fiscal and Operational Costs Associated with...

BakerHostetler on

On October 2, the New York State Department of Health (NYSDOH) issued new cybersecurity regulations (Regulations) for all general hospitals in New York state (“hospitals”), creating a new Section 405.46 in Title 10 (Health)...more

Health Care Compliance Association (HCCA)

[Event] 2025 Board & Compliance Committee Conference - February 24th - 25th, Phoenix, AZ

Health Care Compliance Association (HCCA) on

The Board & Compliance Committee Conference is designed specifically to educate board members on best practices and recommendations for establishing and maintaining an effective compliance program. The OIG-HHS will discuss...more

Pillsbury Winthrop Shaw Pittman LLP

Navigating the EU’s “NIS 2” Directive: Key Cybersecurity Compliance Points for Businesses Operating in the EU to Consider

Pillsbury Winthrop Shaw Pittman LLP on

The NIS 2 Directive requires a wide range of in-scope organizations to adopt robust cybersecurity measures and incident response plans....more

Society of Corporate Compliance and Ethics...

The SEC’s cybersecurity and disclosure rules: The questions compliance pros still have

Society of Corporate Compliance and Ethics... on

The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more

Holland & Knight LLP

Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference

Holland & Knight LLP on

President Ronald Reagan famously quipped, "I think you all know that I've always felt that the nine most terrifying words in the English language are: I'm from the Government, and I'm here to help."1 At an Oct. 23-24, 2024,...more

Goodwin

NYDFS Publishes Guidance on AI-Related Cybersecurity Risks

Goodwin on

On October 16, 2024, the New York State Department of Financial Services (NYDFS or the “Department”) published an industry letter (the “Guidance”) regarding the increased reliance on artificial intelligence (AI) and the...more

Goodwin

EU Commission Regulations on Digital Operational Resilience: A Reminder That DORA is Less Than Three Months Away and Will Apply to...

Goodwin on

The European Commission’s adoption on 23 October 2024 of the two regulations (Regulations) supplementing the [the Regulation on digital operational resilience for the financial sector Publications Office (europa.eu)] (DORA)...more

Snell & Wilmer

SEC Division of Examinations Priorities for 2025: Examinations Will Prioritize New Rules for Form PF and Regulation S-P, Fiduciary...

Snell & Wilmer on

On October 21, 2024, the Division of Examinations (the “Division”) of the U.S. Securities and Exchange Commission (the “SEC”) issued its annual examination priorities for fiscal year 2025. As with its 2024 examination...more

NAVEX

How Healthcare Organizations Can Strengthen Compliance to Fight Fraud, Waste and Abuse

NAVEX on

Healthcare organizations face an ever-growing list of regulatory demands and risks, with Fraud, Waste, and Abuse (FWA) at the forefront. Addressing FWA is more than avoiding fines under regulations like the False Claims Act –...more

Arnall Golden Gregory LLP

Preparing for the Digital Operational Resilience Act (“DORA”): Key Steps for Payments and Fintech Clients

Arnall Golden Gregory LLP on

The Digital Operational Resilience Act (“DORA”), an EU regulation designed to bolster the resilience of financial entities against Information and Communications Technology (“ICT”) risks, entered into force on January 16,...more

Ankura

Navigating the Fallout: Essential Insights for Healthcare Companies in Light of the Change Healthcare Cyber Breach

Ankura on

The cyber breach at Change Healthcare in 2024 stands out as one of the most significant cyber-attacks in recent memory. Its repercussions extend far beyond immediate industry disruptions, resonating deeply in regulatory...more

Society of Corporate Compliance and Ethics...

[Event] Regional Compliance & Ethics Conference - November 1st, Bellevue, WA

Society of Corporate Compliance and Ethics... on

Looking for compliance education and networking in your area? SCCE’s Regional Compliance & Ethics Conferences offer convenient, local compliance education for practitioners in a variety of locations across the globe, and...more

121 Results
 / 
View per page
Page: of 5
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide