News & Analysis as of August 4, 2025

Incident Response Plans

+ Follow

Compliance programs typically refer to formalized institutional procedures within corporations and organizations to detect, prevent and respond to indvidual and widespread instances of regulatory violations. In response to many corporate scandals evidencing rampant unethical business practices, many nations, including the United States, began passing strict regulatory frameworks aimed at curbing these abuses. Notable pieces of legislation in this area include the U.S. Foreign Corrupt Practices Act (FCPA), Sarbanes-Oxley (SOX), and the U.K. Bribery Act, to name a few. The foregoing statutes and the severe penalties often associated with them form the basis of many modern institutional compliance programs. less -

Episode 380 — NAVEX’s 2025 Hotline Benchmark Report

The Volkov Law Group on 8/4/2025

NAVEX dominates the hotline market. Given its global footprint, NAVEX has access to a large database of employee reports. Building on this unique perspective, NAVEX provides an annual report analyzing the employee reporting...more

Ohio’s Cyber Law For Local Governments: 5 Steps Over 75 Days to Meet the September 29 Deadline

Dickinson Wright on 7/25/2025

In its FY 2026 budget, Ohio quietly folded in a sweeping cybersecurity mandate that will require every “political subdivision” to have a cybersecurity program that aligns with recognized industry frameworks and adopt strict...more

Navigating the EU’s “NIS 2” Directive: Key Cybersecurity Compliance Points for Businesses Operating in the EU to Consider

Pillsbury Winthrop Shaw Pittman LLP on 11/5/2024

The NIS 2 Directive requires a wide range of in-scope organizations to adopt robust cybersecurity measures and incident response plans....more

The SEC’s cybersecurity and disclosure rules: The questions compliance pros still have

Society of Corporate Compliance and Ethics... on 11/1/2024

The U.S. Securities and Exchange Commission (SEC) Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure rules officially went into effect in December 2023. Aimed at improving cybersecurity risk...more

How Healthcare Organizations Can Strengthen Compliance to Fight Fraud, Waste and Abuse

NAVEX on 10/23/2024

Healthcare organizations face an ever-growing list of regulatory demands and risks, with Fraud, Waste, and Abuse (FWA) at the forefront. Addressing FWA is more than avoiding fines under regulations like the False Claims Act –...more

People and Policy: Building Compliance and Ethics into Your Company’s DNA

Mitratech Holdings, Inc on 9/30/2024

It’s not enough to have the right policies in place — you have to embed those policies into the fabric of your organization. In today’s fast-paced and interconnected business world, ensuring compliance and building an...more

Privacy Briefs: September 2024

Health Care Compliance Association (HCCA) on 9/20/2024

The HHS Centers for Medicare & Medicaid Services (CMS) and Wisconsin Physicians Service Insurance Corporation (WPS) are notifying 946,801 people whose protected health information or other personally identifiable information...more

California Legislature Sends Bills Regulating AI to the Governor

Davis Wright Tremaine LLP on 9/10/2024

Last week, the California Legislature passed several bills that, if signed by the governor, will regulate how organizations develop, train, and use artificial intelligence (AI) models, systems, and applications. Of these...more

What is DORA, and How Will It Impact You? Demystifying The Digital Operational Resilience Act

Mitratech Holdings, Inc on 7/1/2024

Get Ahead of the Curve and Prepare for the January 2025 Digital Operation Resilience Act Compliance Deadline with Confidence. The financial sector is no stranger to regulations aimed at enhancing operational resilience...more

Navigating California's Workplace Violence Prevention Law

Farella Braun + Martel LLP on 3/4/2024

California has introduced a new requirement compelling most employers to implement a workplace violence prevention policy by July 1, 2024. The implications of this law are significant, prompting the need for human resource...more

Top Privacy and Cybersecurity Issues to Track In 2024

Baker Donelson on 1/29/2024

In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more

Proposed Rule: Avoiding a Worst-Case Scenario for Worst-Case Discharges

Williams Mullen on 1/19/2024

EPA is poised to issue a final rule (the Rule) requiring stringent planning requirements for facilities with the potential for a “worst-case discharge” that could reasonably be expected to cause substantial harm to the...more

Show Your Work: The SEC Cyber Rules and Documenting Materiality Analysis Under NIST FIPS 199

Baker Donelson on 10/24/2023

The date July 26, 2023, marks the latest evolution of the cybersecurity regulation landscape as the Securities and Exchange Commission passed cybersecurity regulations for publicly traded companies. At the open meeting, SEC...more

SEC Adopts Final Cybersecurity Rules for Public Companies

Mintz - Privacy & Cybersecurity Viewpoints on 8/2/2023

In a narrow 3-2 decision on July 26, the SEC adopted its final rule concerning cybersecurity risk management, strategy, governance, and incident disclosure (the “Final Rule”). Below we highlight some of the principal changes...more

[Webcast Transcript] Data Mining in Incident Response: Managing Risk and Spend through an Effective Evidence-Based Approach

HaystackID on 9/8/2022

Editor’s Note: On August 31, 2022, HaystackID shared an educational webcast on the topic of data mining in data breach incident response. As data mining has increasingly become one of the largest expenses during a cyber...more

15 Results

View per page

Page: of 1

Compliance › Reporting Requirements › Incident Response Plans

"My best business intelligence, in one easy email…"