Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Compliance Tip of the Day: Internal Control Deficiencies
FCPA Compliance Report: Stay the Course: Ellen Lafferty on Navigating Anti-Corruption Compliance in 2025
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Key Discovery Points: BYOD Case Law Covering Subpoenas and Employee Handbooks
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Compliance Tip of the Day – COSO Objective 1 – Control Environment
Compliance Tip of the Day: Code of Conduct as an Internal Control
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
FCPA Compliance Report: Revolutionizing Speak Up: Ariel D. Weindling on Enhancing Whistleblower Systems
Compliance Tip of the Day: Implementing Internal Controls
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance Amidst a Global Consensus Breakdown
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
Healthcare data breaches are occurring more frequently and on larger scales than ever before – and while you defend against cyberattacks and other external threats, make sure you do not overlook the critical role your...more
Editor’s Note: In this exploration of cybersecurity in the digital era, the article “Shifting Left in eDiscovery: Embracing Secure-by-Design and AI for Enhanced Cybersecurity” considers the crucial intersection of...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more
The growing concern around cyberthreats for companies across the nation is reflected in the increasingly crowded legislative landscape that provides guidance to organizations, employers, employees, consumers, and investors....more
The Department of Homeland Security amended its regulations due to the urgent need to protect Controlled Unclassified Information. On June 21, 2023, the Department of Homeland Security (DHS or Department) issued a final...more
Moving towards more predictive postures, leveraging multiple sources of information such as cyber threat, business, and geopolitical intelligence, allow organizations to gain a better handle on crises before they occur. By...more
Like many other industries, manufacturing has been hit hard with labor shortages. As of April 2022, U.S. factory activity reportedly is at its slowest pace in more than 18 months. Consequently, many factories seek more...more
A new discourse in the cyber risk management landscape of US public companies is here. This past March 2022, the US Securities and Exchange Commission (SEC) added another item to their to-do list by announcing a...more
2021 was a game-changing year in cybersecurity. There were many high profile vulnerabilities and data breaches, and responses from the government and private sector. A few examples include Accellion, SolarWinds, Microsoft...more
On February 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) proposed a package of new rules and amendments to enhance cybersecurity preparedness and improve cyber resilience of investment advisers and investment...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed changes to private fund regulation; the Office of the Comptroller of the Currency (OCC) succeeded in validating its “valid-when-made” rulemaking; the...more
There is little doubt that the U.S. Securities and Exchange Commission is making cybersecurity a top priority. SEC Chair Gary Gensler told a Senate committee on Tuesday, September 14, 2021 that the agency is developing a...more
An executive order was signed on May 12, directing the federal government to overhaul its approach to cybersecurity. Corporate compliance and risk management professionals should consider this order carefully — because, in...more
America’s data is under attack. Solar Winds and other recent headline-grabbing stories have demonstrated that foreign adversaries are eager to hack into computer systems for a wide range of purposes. The US Department of...more
Corporate Social Responsibility (“CSR”) and Environmental, Social, and Governance (“ESG”) practices have increasingly become priorities for many organizations as they assess their obligations to their employees, customers,...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
With 46% of UK business reporting a cyber attack during 2019/2020 and 32% reporting at least one a week – see the UK Government’s Cyber Security Breaches Survey 2020 – the UK’s Financial Conduct Authority (“FCA”) has issued a...more
On July 17, 2020 the Cybersecurity and Infrastructure Security Agency (CISA) released the COVID-19 Recovery CISA Tabletop Exercise Package (CTEP) “to assist private sector stakeholders and critical infrastructure owners and...more
Hope for the best, but plan for the worst. Join us as we address ways to protect family privacy from external threats, and policies and procedures for handling information that individual family members wish to keep private...more
Seyfarth Synopsis: The Cybersecurity & Infrastructure Agency (CISA), on behalf of the Federal government, has issued a revised advisory memorandum listing “essential” infrastructure and workers during the COVID-19 pandemic. ...more
Seyfarth Synopsis: As the COVID-19 pandemic continues to spread and affect our lives and businesses across the U.S., we are continually following the latest updates and providing insight. ...more
In this episode, Carlton Fields attorneys Kevin McCoy and Joe Swanson discuss the circumstances involved in a recent data breach involving the cannabis industry. We explore cybersecurity and data privacy issues that all...more