We get Privacy for work — Episode 8: The Surge in Data Breach Lawsuits: Trends and Tactics
The Privacy Insider Podcast Episode 17: Security, Cyber-Intel, and a Sense of Humor with Nir Rothenberg of Rapyd
We get Privacy for work — Episode 7: What Is a WISP and Why Your Organization Must Have One
Under the Radar: DOJ's Data Security Rules and Their Impact on Payments Companies — Payments Pros – The Payments Law Podcast
No Password Required: Former Lead Attorney at U.S. Cyber Command, Cyber Law Strategist, and Appreciator of ‘Mad Men’ Hats
We get Privacy for work – Episode 6: The Potential Privacy Risks Inherent to Mergers and Acquisitions
Taking the Pulse, A Health Care and Life Sciences Video Podcast | Episode 243: HIPAA Compliance and Potential Changes with Shannon Lipham of Maynard Nexsen
We get Privacy for work: The Privacy Pitfalls of a Remote Workforce
No Password Required: From AOL to Award-Winning Cuisine to High-Stakes Hacking
Driving Digital Security: The FTC's Safeguards Rule Explained — Moving the Metal: The Auto Finance Podcast
Privacy for Risk Management: Bridge the Business, Technology and Compliance Gaps
Innovation in Compliance: Real-Time Fraud Prevention Strategies for Financial Loss Prevention with Vince Walden
Innovation in Compliance: The Critical Importance of Mobile Application Security: Insights from Subho Halder
Compliance and AI: Using AI for Data Loss Prevention Systems with Vinay Goel
Safeguarding Your Business Data
Navigating the Maze: eDiscovery Essentials for Employers — Hiring to Firing Podcast
Top Healthcare Compliance Priorities for 2025
Business Better Podcast Episode: Bridging Campuses: Legal Insights on Education Industry Consolidation – Privacy and Data Security
Episode 366 -- DOJ Issues Data Security Program Requirements
FCPA Compliance Report: AI, Data Compliance, and Ownership - A Conversation with Andrew Hopkins
On May 16, 2024, the SEC, under former Chair Gary Gensler, adopted sweeping amendments to Regulation S-P, which governs the privacy and data security of nonpublic consumer personal and financial information for a broad range...more
On May 16, 2024, the Securities and Exchange Commission (SEC) adopted sweeping amendments to Regulation S-P, which governs the privacy of nonpublic consumer personal and financial information for a broad range of financial...more
The SEC’s amended Regulation S-P, adopted last year, will soon enhance data privacy protections for broker-dealers, investment companies, registered investment advisors, and transfer agents. The updated rule requires these...more
On April 22, 2025, Laura D’Allaird, Chief of the SEC’s Cyber and Emerging Technologies Unit (CETU), participated in the Incident Response Forum Masterclass 2025 (Incident Response Masterclass). In the session, titled “SEC...more
On May 15, 2024 the SEC issued Release Nos. 34-100155; IA-6604 (the “Adopting Release”) providing for amendments to the safeguards and disposal rules of Regulation S-P (the “Amendments”). The compliance dates for the...more
Virtually all organizations have an obligation to safeguard their personal data against unauthorized access or use, and, in some instances, to notify affected individuals in the event such access or use occurs. Those...more
On May 16, 2024, the SEC adopted amendments to Regulation S-P to enhance and modernize consumer privacy protections in light of technological developments in how individuals’ personal information is collected, shared and...more
Who may be interested: Investment Companies; Investment Advisers; Broker-Dealers; Transfer Agents - The SEC adopted amendments to Regulation S-P imposing new data privacy and security requirements on broker-dealers,...more
The Securities and Exchange Commission (“SEC”) has announced the adoption of amendments to Regulation S-P (“Amendments”) to modernize and enhance the rules that govern the treatment of consumers’ nonpublic personal...more
On May 16, 2024, the U.S. Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P that were proposed last year (“Final Amendments”).[1] The Final Amendments impose enhanced...more
On May 16, 2024, the Securities and Exchange Commission (“SEC”) announced the adoption of amendments to Regulation S-P (“Reg S-P”) that are designed to modernize and enhance the rules governing the treatment and protection of...more
The SEC remains laser-focused on cybersecurity, with the agency recently reopening the comment period on a sweeping rule for investment advisers and investment companies. In addition, the SEC issued proposed enhancements to...more
On April 26, the SEC’s Division of Examinations (EXAMS) issued a risk alert on the importance of broker-dealers and investment advisers (collectively, “firms”) establishing and following written policies and procedures aimed...more
On March 15, 2023 the Securities and Exchange Commission (“SEC”) proposed three new sets of rules (the “Proposed Rules”) which, if adopted, would require a variety of companies to beef up their cybersecurity policies and data...more
The US Securities and Exchange Commission (SEC) issued a notice of proposed rulemaking (the Proposal) on March 15 that would require SEC-regulated investment advisers, investment companies, and broker dealers to provide...more
The Securities and Exchange Commission (SEC or Commission) voted on March 15, 2023, to propose three new sets of rules for data security, cybersecurity, and IT operational resilience. The newly proposed rules would, among...more
In a speech to the Securities Regulation Institute conference last week, Chair Gary Gensler signaled the SEC may implement more stringent cybersecurity regulations, and in the meantime, would work to enforce existing...more
Case Overview - This week’s U.S. Securities and Exchange Commission enforcement cease-and-desist order (Order) In re App Annie Inc., out of the SEC’s San Francisco Regional Office, underscores the importance of taking...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
On August 30, 2021, the Securities and Exchange Commission (“SEC”) announced three settled orders against several investment advisers, broker-dealers, and dual registrants for violations of Regulation S-P allegedly resulting...more
On August 30, 2021, the Securities and Exchange Commission announced three enforcement actions against registered investment advisers for alleged cybersecurity failures involving cloud-based email systems. All three actions...more
On August 30, 2021, the Securities and Exchange Commission (SEC) announced that eight broker-dealers and/or investment advisers will pay civil monetary penalties to resolve enforcement actions arising from cybersecurity...more
OCIE has released a risk alert regarding credential stuffing in the context of compliance with Regulation S-P and Regulation S-ID, and is encouraging firms to both (i) review and update their policies and procedures to...more
A cyber breach can have serious legal, financial, and reputational consequences for a fund sponsor, as described in our previous post. As such, cybersecurity threats must be treated as business risks, not just a potential IT...more
With more people working remotely than ever before in light of COVID-19, firms in the private equity and hedge fund space should review their Regulation S-P privacy and information-safeguarding policies to ensure they are...more