News & Analysis as of

Compliance National Institute of Standards and Technology Data Breach

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. ... more +
Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations.  In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -
Ropes & Gray LLP

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Ropes & Gray LLP on

The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more

Ward and Smith, P.A.

Privacy and Data Security in Community Associations: Navigating Risks and Compliance

Ward and Smith, P.A. on

For community associations, this is especially important as these organizations often manage large amounts of PII of homeowners and residents (e.g., name, address, phone number, etc.), including certain categories of...more

Schwabe, Williamson & Wyatt PC

Coast Guard Tightens Up Cybersecurity Regulations

Schwabe, Williamson & Wyatt PC on

The maritime industry has become a prime target for hackers. In the last few years, it has seen a steep increase in the number of shipping-related cyberattacks. The recent surge marks a new and pressing challenge for ports...more

Clark Hill PLC

It’s a New Year and a Good Time for a Cybersecurity Checkup

Clark Hill PLC on

2024 was another active year in cybersecurity, with high-profile vulnerabilities and data breaches, and government and private sector responses to them. Examples include pervasive ransomware attacks targeting the healthcare,...more

Levenfeld Pearlstein, LLC

New Year, New State Data Privacy Laws

Levenfeld Pearlstein, LLC on

With the advent of a new year comes a new set of consumer data privacy laws in the United States. Five new state data privacy laws go into effect in January 2025, with additional laws coming throughout 2025 and into 2026....more

Fenwick & West LLP

Cyber Resilience After the Change Healthcare Breach

Fenwick & West LLP on

More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more

Baker Donelson

Show Your Work: The SEC Cyber Rules and Documenting Materiality Analysis Under NIST FIPS 199

Baker Donelson on

The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more

Health Care Compliance Association (HCCA)

Privacy Briefs: October 2023

Health Care Compliance Association (HCCA) on

Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more

Ankura

When Did You Last Test Your Cyber Incident Response Plan?

Ankura on

A cyber incident response plan is a set of guidelines and protocols designed to help an organization detect, respond, contain, and manage any form of a cybersecurity breach. It outlines how best to safeguard the organization...more

Pietragallo Gordon Alfano Bosick & Raspanti,...

Contractors Beware – Cybersecurity Litigation on the Rise Under the False Claims Act

Pietragallo Gordon Alfano Bosick & Raspanti,... on

Takeaway: The DOJ’s Cyber Fraud Initiative and qui tam actions under the False Claims Act represent signification enforcement mechanisms for cybersecurity contractor compliance. On the eve of 2022, the United States began...more

BakerHostetler

Incident Response Practice Tip: Balance Meeting Breach Notification Deadlines With Securing Your Network

BakerHostetler on

State breach notification statutes are being amended on almost a monthly basis. Several laws have, or will soon have, a mandatory notification deadline for notifying affected individuals after the discovery of the incident....more

Orrick, Herrington & Sutcliffe LLP

New Guidance for Financial Institution Directors and Officers In Cybersecurity Preparedness

Orrick, Herrington & Sutcliffe LLP on

Earlier this summer, the Federal Financial Institutions Examination Council (FFIEC) released its highly anticipated Cybersecurity Assessment Tool (Assessment), which is designed to assist financial institutions in identifying...more

Holland & Knight LLP

OMB Issues Guidance on Government Contractors’ Cybersecurity Systems

Holland & Knight LLP on

The Office of Management and Budget (OMB) released a draft guidance document on Aug. 11, 2015, titled “Improving Cybersecurity Protection in Federal Acquisitions” (the “OMB Guidance”). The OMB Guidance instructs agencies on...more

13 Results
 / 
View per page
Page: of 1

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide