Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Compliance Tip of the Day: Internal Control Deficiencies
FCPA Compliance Report: Stay the Course: Ellen Lafferty on Navigating Anti-Corruption Compliance in 2025
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Key Discovery Points: BYOD Case Law Covering Subpoenas and Employee Handbooks
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Compliance Tip of the Day – COSO Objective 1 – Control Environment
Compliance Tip of the Day: Code of Conduct as an Internal Control
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
FCPA Compliance Report: Revolutionizing Speak Up: Ariel D. Weindling on Enhancing Whistleblower Systems
Compliance Tip of the Day: Implementing Internal Controls
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance Amidst a Global Consensus Breakdown
A single outage can spiral into hours of downtime, frustrated customers, and significant revenue loss across your business....more
The Bank of England and the Prudential Regulation Authority (PRA) have released a letter to PRA-regulated firms and relevant financial market infrastructure (FMIs) outlining the thematic findings from the 2024 Cyber Stress...more
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
During the Biden administration, there was a push to prioritize and modernize cybersecurity responses, and the National Institute of Standards and Technology (NIST) agreed to work with the technology industry to develop a new...more
On April 3, NIST published practical incident response guidance aligned with its CSF 2.0 framework. The guidance outlines best practices in security incident preparation and response for organizations mapped across each of...more
Asking the right questions within your organization is key to effectively managing cyber risk. Here are 10 questions that you should ask your team...more
As the healthcare sector continues to be a top target for cyber criminals, the Office for Civil Rights (OCR) issued proposed updates to the HIPAA Security Rule (scheduled to be published in the Federal Register January 6). It...more
More than two months after the February 2024 Change Healthcare cyber-ransom attack, the healthcare industry continues to grapple with the fallout, creating significant challenges, disruptions, and outages to the healthcare...more
The growing concern around cyberthreats for companies across the nation is reflected in the increasingly crowded legislative landscape that provides guidance to organizations, employers, employees, consumers, and investors....more
Report on Patient Privacy 23, no. 10 (October, 2023) Kaiser Foundation Health Plan Inc. and Kaiser Foundation Hospitals will pay California $49 million to resolve allegations that they unlawfully disposed of hazardous waste,...more
As cyber-attacks and data breaches pose an increasing threat to market participants, the US Securities and Exchange Commission (“SEC”) has become increasingly focused on the cyber risks to the public and the market at large....more
Online sports betting has become a booming industry in recent years, with millions of people placing bets and wagers from their phones and computers. Ever since Murphy v. NCAA, the 2018 case in which the United States Supreme...more
The life cycle of a data security incident begins and ends with preparation. Unfortunately, there is no such thing as a network or system with “zero vulnerabilities.” There are jokes about absolute network security,...more
The modern security ecosystem is diverse and ever-changing, a place where cyber risk is top of mind for leaders at all levels, and threats to information / data security and privacy evolve at the speed of the technical...more
Moving towards more predictive postures, leveraging multiple sources of information such as cyber threat, business, and geopolitical intelligence, allow organizations to gain a better handle on crises before they occur. By...more
Crises and uncertainty are inevitable forces in modern business, particularly in cyber and digital. General counsels and legal risk executives are well suited to lead preparedness and resiliency for future crises, uniting key...more
Providers of sports betting services must ensure that their cybersecurity protocols and data privacy policies adequately protect their systems and users. Since the Supreme Court struck down the federal ban on sports gambling...more
Cyber risk management has undergone a significant change over the last couple of years. What once was the headache of the IT or risk management department is now an issue of considerable interest to the Board and senior...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed changes to private fund regulation; the Office of the Comptroller of the Currency (OCC) succeeded in validating its “valid-when-made” rulemaking; the...more
As cybersecurity incidents become increasingly complex, your initial response to a potential cybersecurity crisis matters. The decisions that you make in the first 24 to 48 hours of a potential cybersecurity incident can have...more
A ransomware attack is no company’s idea of a good time, but I do sense one positive development emerging from the epidemic of attacks we’ve witnessed this year: Boards and senior management agree that they must move beyond a...more
An executive order was signed on May 12, directing the federal government to overhaul its approach to cybersecurity. Corporate compliance and risk management professionals should consider this order carefully — because, in...more
The coronavirus crisis is far from over, and compliance professionals still need every scrap of guidance that regulators can provide about how to run compliance programs in these difficult times. So when the Securities and...more
Mark Lanterman, Chief Technology Officer of Computer Forensic Services lives technology at its most terrifying, helping organizations manage the risks of the IT we all use constantly. Recently he authored an article...more
A lot of attention is now being paid to the topic of data governance, and what it means versus data management. Within the last few years, data governance has leapt from an esoteric term bandied about only by IT...more