News & Analysis as of

Cybersecurity Regulatory Requirements Compliance

Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk... more +
Follow this channel for advisories on one of the biggest threats to businesses today. Read a morning brief of fresh guidance and commentary by leading lawyers on security, privacy, risk management, global regulations, data protection, leaks, hacking, cyber insurance, compliance, HIPAA, and every other aspect of cybersecurity of import to corporate readers right now.   less -
Epstein Becker & Green

Hot Topics in Employee Benefits: A Primer for In-House Lawyers

Epstein Becker & Green on

“ERISA, you’ll need a lawyer for that.” Our practice group’s tagline is meant to be a shorthand for the alphabet soup of laws that apply to employee benefits, including the Employee Retirement Income Security Act (ERISA)....more

Jackson Lewis P.C.

New DOL/EBSA Opinion Letter Program Offers A Path to Clarity for Plan Sponsors

Jackson Lewis P.C. on

On June 2, 2025, the U.S. Department of Labor (DOL) announced a significant expansion of its compliance assistance tools by launching an Opinion Letter Program across five key enforcement agencies, including the Employee...more

Venable LLP

A Closer Look at the Data Security Requirements in DOJ's Bulk Data Rule

Venable LLP on

As described in an earlier alert, the Department of Justice (DOJ) recently announced a 90-day pause in enforcement of the "Bulk Data Rule" for entities engaging in good faith compliance. That 90-day grace period ends on July...more

Foley & Lardner LLP

Another FCA Cybersecurity Settlement Reinforces the Enforcement Trend

Foley & Lardner LLP on

A recent United States Department of Justice (DOJ) announcement highlights the fact that the government’s emphasis on cybersecurity enforcement under the False Claims Act (FCA) is not slowing down. According to the press...more

BakerHostetler

Data Governance: Practical Considerations for a Reasonable Security Program

BakerHostetler on

Imagine receiving an email from an unknown actor claiming to have taken approximately 2 terabytes of data from your organization’s network. The threat actor provides a file tree and sample files to substantiate its claim....more

Mitratech Holdings, Inc

EU Cyber Resilience Act: How to Prepare Now

Mitratech Holdings, Inc on

The EU Cyber Resilience Act (CRA), adopted by the European Parliament in 2024, marks a major milestone in European cybersecurity legislation. As the first EU-wide law focused on the cybersecurity of digital products, it...more

Ropes & Gray LLP

Adversarial Machine Learning in Focus: Novel Risks, Straightforward Legal Approaches

Ropes & Gray LLP on

The Artificial Intelligence and Machine Learning (“AI/ML”) risk environment is in flux. One reason is that regulators are shifting from AI safety to AI innovation approaches, as a recent DataPhiles post examined. Another is...more

A&O Shearman

Operational resilience in banking: from regulatory compliance to strategic priority

A&O Shearman on

As regulatory frameworks tighten and cybersecurity threats grow in complexity, operational resilience is, now more than ever, a boardroom challenge for banks....more

McCarter & English Blog: Government Contracts...

The “Prestige”: DoD Unveils NIST SP 800-171 Revision 3, Organizationally Defined Parameters

McCarter & English Blog: Government Contracts... on

On April 15, 2025, the Department of Defense (DoD) released official guidance on Organizationally Defined Parameters (ODPs) appearing in the newly published NIST SP 800-171 Revision 3. At the same time, the DoD reaffirmed...more

Bradley Arant Boult Cummings LLP

Key Legal Issues Facing U.S. Government Contractors in 2025

Bradley Arant Boult Cummings LLP on

As the regulatory environment continues to evolve in the new administration, U.S. government contractors are facing an increasingly complex array of legal challenges. Staying compliant and competitive requires close attention...more

Sheppard Mullin Richter & Hampton LLP

Insurance Cybersecurity Certifications: An (Updated) State Roundup

Sheppard Mullin Richter & Hampton LLP on

Over half of US states require annual compliance certifications from insurance providers. While the filing time frames for this year draw to a close, companies may want to keep them in mind not only for next year, but as a...more

Health Care Compliance Association (HCCA)

OCR Loses Staff, Faces Move to New ‘Enforcement’ Office; Will HIPAA Focus, Independence Suffer?

Health Care Compliance Association (HCCA) on

Today, the HHS Office for Civil Rights (OCR) stands shoulder-to-shoulder with the likes of the Office of Inspector General and Office of General Counsel, one of just a dozen or so agencies reporting directly to the secretary....more

Alston & Bird

UK Government Publishes Cyber Governance Code of Practice for Boards and Directors

Alston & Bird on

On April 8, 2025, the UK government published the Cyber Code of Practice (the “Code”) to support board directors in governing cybersecurity risks. The Code is available online. The UK’s data protection regulator is actively...more

Davis Wright Tremaine LLP

Deadline Approaching: Covered Entities Must File Certifications of Compliance With Amended NYDFS Cyber Regulation by April 15

Davis Wright Tremaine LLP on

In November 2023, the New York Department of Financial Services (NYDFS) issued its second amendment to its "Cybersecurity Requirements for Financial Services Companies (the Cybersecurity Regulation or Part 500). This was the...more

Sheppard Mullin Richter & Hampton LLP

FedRAMP 20x – Major Overhaul Announced to Streamline the Security Authorization Process for Government Cloud Offerings

Sheppard Mullin Richter & Hampton LLP on

On March 24, 2025, the Federal Risk and Authorization Management Program (“FedRAMP”) announced a major overhaul of the program, which is being called “FedRAMP 20x.” The FedRAMP 20x announcement stated there are no immediate...more

Integreon

DORA Compliance Part 1: Proactively Meeting DORA Supply Chain Resilience Obligations

Integreon on

Introduction to DORA and its Implications - As of Jan.17, 2025, the European Union’s Digital Operational Resilience Act (DORA) became enforceable. This new regulatory framework significantly impacts financial institutions and...more

A&O Shearman

Hong Kong passes its first Cybersecurity Law to safeguard critical infrastructure

A&O Shearman on

Hong Kong’s Legislative Council passed the Protection of Critical Infrastructures (Computer Systems) Bill (the “CI Bill”) on March 19, 2025. This landmark legislation aims to enhance cybersecurity and minimize disruptions...more

Gardner Law

Why Compliance Audits Are Non-Negotiable

Gardner Law on

In today’s heightened enforcement environment, compliance auditing isn’t just a best practice—it’s a necessity. Federal and state laws and industry guidance, including the Office of Inspector General (OIG) Compliance Program...more

HaystackID

[Webcast Transcript] Discovering Data Quickly in High-Stakes White-Collar Investigations

HaystackID on

Editor’s Note: White-collar investigations can send shockwaves through an organization, demanding swift, strategic, and legally sound responses. In a recent HaystackID® webcast, experts broke down the complexities of...more

Husch Blackwell LLP

Deadline Ahead: NYDFS Compliance Notifications are due by April 15

Husch Blackwell LLP on

Businesses that are subject to the NYDFS Cybersecurity Regulations have four weeks left to submit their annual notices of compliance or acknowledge their noncompliance. When the regulations were amended in 2023, several of...more

Walkers

Enhanced Cayman Islands licensing framework for virtual asset custody providers and trading platform operators takes effect from 1...

Walkers on

With effect from 1 April 2025, the licensing regime under the VASP Act will be implemented, requiring those providing virtual asset custody services or operating virtual asset trading platforms to obtain a licence under the...more

Perkins Coie

HHS Proposal To Strengthen HIPAA Security Rule

Perkins Coie on

Earlier this year, the U.S. Department of Health and Human Services Office for Civil Rights (OCR) adopted a new proposal to strengthen the Health Insurance Portability and Accountability Act (HIPAA) security standards...more

Husch Blackwell LLP

Raising Capital in a Highly Regulated Market

Husch Blackwell LLP on

For early-stage life sciences and health tech companies, raising capital is about more than demonstrating scientific promise. Investors are increasingly focused on regulatory preparedness, reimbursement strategy, and risk...more

Lighthouse

Strategic Insights for Safeguarding Information with Microsoft Purview

Lighthouse on

Successful Microsoft Purview deployments require more than just technical implementation—they demand strategic planning, cross-functional collaboration, and ongoing optimization. Read about the key steps required to...more

King & Spalding

EU & UK AI Round-up

King & Spalding on

The first EU & UK AI Round-up, published on 15 January 2025, discussed the important regulatory updates affecting the AI ecosystem in both the EU and the UK that occurred towards the end of 2024. Notably since that update,...more

142 Results
 / 
View per page
Page: of 6
Next »

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
- hide
- hide