DE Under 3: Court Held That Workday Was an “Agent” to Employers Licensing its AI Applicant Screening Tools
Business Associates Here, There, and Everywhere: When Does Your Service Provider Really Need to Sign a HIPAA Business Associate Agreement?
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Podcast - Risk Management: Troubleshooting & Problem Solving
Cybersecurity in the investment management industry
FCPA Compliance and Ethics Report-Episode 157-Training of Third Parties Under the FCPA
Special Report: The Hot-ish Swag at LegalTech New York 2015
On March 24 2025, the European Commission (EC) adopted the final draft Delegated Regulation setting out Regulatory Technical Standards (RTS) for subcontracting ICT services supporting critical or important functions under the...more
EU national supervisory authorities will collect the Register of Information (ROI) pursuant to the EU’s Digital Operational Resilience Act (DORA) from in scope financial entities in April 2025, with the reference date set as...more
The European Union’s Digital Operational Resilience Act (DORA) came into effect on January 17, 2025. DORA aims to harmonise rules concerning the provision of information and communication technology (ICT) services to...more
After a two-year implementation period, the EU Digital Operational Resilience Act (DORA) takes effect on 17 January 2025. DORA is part of the EU’s Digital Finance Package and aims to strengthen the financial sector’s...more
The EU Digital Operational Resilience Act (“DORA”) is due to apply from 17 January 2025. It is designed to ensure regulated financial entities can withstand and recover from technology issues such as cyber events and...more
A major amendment to the New York State Department of Financial Services' cybersecurity regulations establishes affirmative cybersecurity oversight duties and requires companies to report extortion payments to the agency....more
There will be additional compliance obligations and mandatory contractual provisions introduced for financial entities and outsourced IT service providers. The new DORA seeks to strengthen the resilience of financial...more
On October 27, 2021, the Federal Trade Commission (FTC) announced a newly updated rule under the Gramm-Leach-Bliley Act (GLBA) intended to require financial institutions to strengthen their data security safeguards to protect...more
Keypoint: New York’s Division of Financial Services (DFS) now requires Property and Casualty Insurers writing cyber insurance to comply with the Division’s Cyber Insurance Risk Framework to manage their risk. In her...more
Developing Contingency Plans: The NYDFS Mandate on Licensed Virtual Currency Businesses - The events surrounding COVID-19 have increased the use of fintech products, both out of necessity and convenience. Shelter-in-place...more
The NYDFS has announced that it has extended the deadline for compliance with certain cybersecurity requirements due to the coronavirus emergency. The announcement from the Superintendent of Financial Services of the State...more
March is now here and with it the Cybersecurity Regulation of the New York Department of Financial Services (NYDFS) is now in full force and effect, including requirements relating to Third Party Service Providers (e.g.,...more
On September 4, 2018, the third stage of compliance deadlines under the New York Department of Financial Services’ (DFS) expansive cybersecurity regulation went into effect....more
Banks and other financial institutions rely on a relatively small number of core service providers to process customer personal and financial information. The National Association of Federally-Insured Credit Unions (NAFCU)...more
As a follow-up to our previous reports (December 30, 2016 Alert; February 24, 2017 Alert) regarding the cybersecurity regulations issued by the New York State Department of Financial Services (NYDFS), we would like to remind...more
A legal feud is underway between the world’s biggest hedge fund administrator and a former client over an email scam that resulted in hackers stealing millions in client funds. And not surprisingly, the time-honored...more
We have previously reported about the upcoming New York Financial Services Cybersecurity Regulations. On February 16, 2017, Governor Andrew M. Cuomo announced that “the first-in the-nation cybersecurity regulation to protect...more
As Hogan Lovells previously reported, the New York State Department of Financial Services (NYDFS) has launched a significant initiative to impose detailed cybersecurity requirements on covered financial institutions. On...more
We previously reported on the New York Department of Financial Services’ proposed cybersecurity regulations. During the public comment period, the DFS received over 150 comments. In response, the DFS announced on December 28,...more
The New York Department of Financial Services (“DFS”) recently issued a revised version of the cybersecurity rules that it first announced in the fall of last year. The rules apply to a wide range of insurance, banking, and...more
As we previously reported, in December 2016 the New York Department of Financial Services (the “DFS”) announced that it was revising its proposed regulation that would require banks, insurance companies and other financial...more
The New York Department of Financial Services (NYDFS) announced today a revised regulation that will require all institutions subject to NYDFS supervision to establish and maintain a cybersecurity program meeting "certain...more
The fourth quarter of 2016 has seen an uptick in regulatory activity respecting the financial services sector in the cybersecurity space, both at the state level as previously discussed (here) and on the federal level....more
On September 15, 2015, the Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a National Exam Program Risk Alert (2015 Risk Alert) to provide broker-dealers and investment...more