Compliance Tip of the Day: Rethinking Corporate AI Governance Through Design Intelligence
Compliance Tip of the Day: COSO Governance Framework: Part 4, Culture
Compliance Tip of the Day: COSO Governance Framework: Part 1, Introduction
Compliance Tip of the Day: Internal Control Deficiencies
FCPA Compliance Report: Stay the Course: Ellen Lafferty on Navigating Anti-Corruption Compliance in 2025
Adventures in Compliance: The Novels – The Hound of the Baskervilles, Introduction and Compliance Lessons Learned
Compliance Tip of the Day: Assessing Internal Controls
Key Discovery Points: BYOD Case Law Covering Subpoenas and Employee Handbooks
Compliance Tip of the Day: COSO Objective 5 – Monitoring Activities
Compliance Tip of the Day: COSO Objective 4 - Control Information and Communication
Hospice Insights Podcast - Election Inspection: Be Proactive to Avoid Costly Election Statement Denials
Compliance Tip of the Day: COSO Objective 3 – Control Activities
Compliance Tip of the Day – COSO Objective 1 – Control Environment
Compliance Tip of the Day: Code of Conduct as an Internal Control
Rethinking Records Retention
Compliance Tip of the Day: Internal Controls for GTE
FCPA Compliance Report: Revolutionizing Speak Up: Ariel D. Weindling on Enhancing Whistleblower Systems
Compliance Tip of the Day: Implementing Internal Controls
Podcast: Addressing Patient Complaints About Privacy Violations
Compliance Amidst a Global Consensus Breakdown
Last month, Paul Hastings sponsored the Cybersecurity Law Workshop at the Spring Privacy & Security Forum held at George Washington University in Washington, D.C. The Cybersecurity Law Workshop featured three panels of...more
Material updates to the HIPAA Security Rule could be on the way — affecting all HIPAA-regulated entities — for the first time in two decades. The Department of Health and Human Services (HHS) issued a Notice of Proposed...more
In recognition of International Privacy Day on January 28, we wanted to share some insights on the top privacy and cybersecurity issues for the new year. Data privacy and cybersecurity will continue to be one of the most...more
On November 1, 2023, New York Department of Financial Services (NYDFS or the “Department”) released the finalized revisions (the “Second Amendment”) to 23 NYCRR Part 500 (Part 500) – the most significant modifications to Part...more
The growing concern around cyberthreats for companies across the nation is reflected in the increasingly crowded legislative landscape that provides guidance to organizations, employers, employees, consumers, and investors....more
Moving towards more predictive postures, leveraging multiple sources of information such as cyber threat, business, and geopolitical intelligence, allow organizations to gain a better handle on crises before they occur. By...more
A new discourse in the cyber risk management landscape of US public companies is here. This past March 2022, the US Securities and Exchange Commission (SEC) added another item to their to-do list by announcing a...more
2021 was a game-changing year in cybersecurity. There were many high profile vulnerabilities and data breaches, and responses from the government and private sector. A few examples include Accellion, SolarWinds, Microsoft...more
In This Issue. The U.S. Securities and Exchange Commission (SEC) proposed changes to private fund regulation; the Office of the Comptroller of the Currency (OCC) succeeded in validating its “valid-when-made” rulemaking; the...more
An executive order was signed on May 12, directing the federal government to overhaul its approach to cybersecurity. Corporate compliance and risk management professionals should consider this order carefully — because, in...more
[author: Matt Kelly] In September 2020 the National Institute of Standards and Technology (NIST) unveiled the fifth version of its cybersecurity standard formally known as SP 800-53, “Security and Privacy Controls for...more
On January 27, 2020, the SEC’s Office of Compliance Inspections and Examinations (OCIE) announced its most recent Cybersecurity and Resiliency Observations. This report highlights specific practices that have been, and can be...more
A lot of attention is now being paid to the topic of data governance, and what it means versus data management. Within the last few years, data governance has leapt from an esoteric term bandied about only by IT...more
When it comes to digital threats, universities must protect not only a broad and deeply layered infrastructure, but also vast populations of students. In this episode, Elisa D’Amico and Desiree Moore outline their top five...more
On October 16, 2018, the SEC released an Investigative Report detailing recent email spoofing schemes that caused nine public companies to lose a total of nearly $100 million. Building on its February 2018 guidance about the...more
As cybersecurity attacks have continued to gain prominence as a threat posing critical risk management and compliance challenges for financial institutions, the Securities and Exchange Commission (SEC) has emerged as an...more
Non-Enforcement Cybersecurity Is At the Top of SEC Examination Concerns In a recent SEC “risk alert” for registered broker-dealers and investment advisers, the SEC’s Office of Compliance Inspections and Examinations (OCIE)...more