News & Analysis as of

Compliance Information Technology Data Security

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Dacheng

China Monthly Data Protection Update: July 2025

Dacheng on

This monthly report outlines key developments in China’s data protection sector for July. The following events merit special attention: CAC Issues Third Edition of the Data Export Security Assessment Application Guide: On...more

Cimplifi

Don’t Wait for 2028: Modernize Your eDiscovery Infrastructure Today

Cimplifi on

In January, Relativity announced that Relativity Server will no longer accept new matters beginning in 2028. Recently, they reinforced that message with a clear call to action: the future of eDiscovery is in the cloud—and the...more

Hanzo

Multiple Slack Workspaces, One Governance Strategy: Here’s How to Get It Right

Hanzo on

Managing collaboration at enterprise scale is inherently complex, especially when your organization operates across multiple workspaces. As teams become more distributed, compliance demands intensify, and business units push...more

McCarter & English Blog: Government Contracts...

Building the Cyber Fortress: New Cybersecurity Executive Order Targets Quantum, AI, and Supply Chain Security

McCarter & English Blog: Government Contracts... on

On June 6, 2025, President Trump issued a new executive order, “Sustaining Select Efforts to Strengthen the Nation’s Cybersecurity and Amending Executive Order 13694 and Executive Order 14144” (EO), signaling the construction...more

Guidepost Solutions LLC

Unlocking Opportunity: Navigating the New Data Center Validated End User Program

Guidepost Solutions LLC on

Recently, the U.S. Department of Commerce’s Bureau of Industry and Security (BIS) published a significant interim final rule (IFR) that has created both challenges and exciting opportunities for these operators. This IFR...more

Integreon

DORA Compliance Part 2: Addressing Compliance Across Critical Operational Areas

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

Mitratech Holdings, Inc

IT/DR Plan Spring Cleaning: How to Replace Outdated Policies

Mitratech Holdings, Inc on

Ready to ditch outdated guidelines and adopt a fresh take on your IT Disaster Recovery plans? Spring is the season of renewal, making it the perfect time to refresh not only physical spaces but also strategies and...more

A&O Shearman

ESAs roadmap for designation of critical ICT third-party service providers under DORA

A&O Shearman on

The European Supervisory Authorities (ESAs) have published a roadmap for the designation of critical ICT third-party service providers (CTPPs) under the EU Digital Operational Resilience Act (DORA). The roadmap of key dates...more

A&O Shearman

European Central Bank updates TIBER-EU framework to align with DORA RTS on TLPT

A&O Shearman on

The European Central Bank (ECB) has published an updated version of the threat intelligence-based ethical red teaming framework (TIBER-EU framework) (dated January) to align with the Digital Operational Resilience Act (DORA)...more

Mitratech Holdings, Inc

IT Incident Management Simplified: 5 Strategies for Effective Recovery

Mitratech Holdings, Inc on

Feel confident tackling any threat with a unified incident management approach that integrates roles, communication, and recovery tasks. Small and medium-sized organizations without a disaster recovery plan are 40% more...more

Mitratech Holdings, Inc

BCP & IT/DR: Why Your Business Continuity Strategy Needs Both

Mitratech Holdings, Inc on

Balancing Business Continuity and IT Disaster Recovery is crucial for robust organizational resilience. So, how does your organization integrate both strategies for maximum impact?...more

Sheppard Mullin Richter & Hampton LLP

Data, Deals, and Diplomacy, Part III: DOJ Issues National Security Final Rule with New Data Compliance Obligations for...

Sheppard Mullin Richter & Hampton LLP on

On January 8, 2025, the Department of Justice (“DOJ”) published its final rule addressing Executive Order (E.O.) 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data...more

Health Care Compliance Association (HCCA)

With Nod to OCR, Indiana Inks $350K Deal With Dental Firm Following Hack

Health Care Compliance Association (HCCA) on

Recent federal enforcement actions have brought home the lesson that there’s really no acceptable reason for denying a patient timely access to medical records. Last year, for example, the HHS Office for Civil Rights (OCR)...more

A&O Shearman

The EU Cyber Resilience Act - What You Need to Know

A&O Shearman on

The EU Cyber Resilience Act (CRA) entered into force on 10 December 2024. The CRA is the first legislation of its kind in the world that aims to enhance the cyber security of products or software with a digital component...more

Faegre Drinker Biddle & Reath LLP

EU Digital Operational Resilience Act Priorities for 2025

Faegre Drinker Biddle & Reath LLP on

Background - The Digital Operational Resilience Act (DORA), a European Union (EU) regulation that is set to transform how financial entities and their information technology (IT) service providers manage operational risks,...more

Jackson Lewis P.C.

FAQs for Schools and Persons Affected By the PowerSchool Data Breach

Jackson Lewis P.C. on

A massive data breach hit one of the country’s largest education software providers. According to EducationWeek, PowerSchool provides school software products to more than 16,000 customers, largely K-12 schools, that serve 50...more

Ankura

The Evolution of Password Management

Ankura on

In today's digital landscape, robust password management is critical to information security. With the increasing complexity of cyber threats, ensuring secure access to sensitive information has become more critical than...more

Venable LLP

Offensive Security Under the EU Digital Operational Resilience Act (DORA)

Venable LLP on

The Digital Operational Resilience Act (DORA) regulation is part of the European Union’s (EU) strategy to enhance the overall stability of the EU financial system by ensuring that financial entities are resilient to digital...more

The Volkov Law Group

Dancing on the Head of a Pin: Corporate Boards, Committees and Cybersecurity Risk Management

The Volkov Law Group on

No one was surprised when compliance and risk publications cited cybersecurity as the number one risk that corporations face today.  While this is a relatively simplistic and head-line grabbing statement, the truth remains...more

Opportune LLP

On-Prem Servers vs Azure Cloud: Choosing the RightAngle…

Opportune LLP on

In today's digital landscape, businesses face a choice when implementing RightAngle, do they use their existing on-prem servers and infrastructure, or do they create a new infrastructure and provision servers for the...more

Health Care Compliance Association (HCCA)

Privacy Briefs: November 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 11 (November, 2023) The American Hospital Association (AHA) is urging federal lawmakers to intervene with the HHS Office for Civil Rights (OCR) so that hospitals and health systems can...more

Skadden, Arps, Slate, Meagher & Flom LLP

What Does the SEC’s Complaint Against SolarWinds Mean for CISOs and Boards?

Skadden, Arps, Slate, Meagher & Flom LLP on

On October 30, 2023, the SEC filed a litigated complaint against SolarWinds, a software development company, and Timothy Brown, its chief information security officer (CISO). The SEC alleges that from October 2018, when...more

HaystackID

[Webcast Transcript] M365 for Law Firms and Lawyers: Purview Premium eDiscovery and Security, Capabilities and War Stories

HaystackID on

Editor’s Note: In a rapidly evolving technological landscape, understanding the capabilities and limitations of platforms like Microsoft 365 (M365) is crucial for law firms, especially in the realms of eDiscovery and...more

The Volkov Law Group

The Cyber Compliance Imperative: Bringing Employees Together with Technology (Part III of IV)

The Volkov Law Group on

It is easy to get lost in the technology world of cyber security – the information technology business relies on lots of acronyms, techno-speak and function-specific terminology.  In responding to a cyber and data security...more

American Conference Institute (ACI)

The Role of Artificial Intelligence in Ephemeral Messaging

American Conference Institute (ACI) on

As U.S. regulators and enforcement authorities alike become increasingly focused on corporate oversight practices of their employees' use of third-party messaging applications, including ephemeral messaging, companies should...more

57 Results
 / 
View per page
Page: of 3
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide