Innovation in Compliance - Improving Third - Party Risk Management with Paul Valente
The “Catch-22” of Preference Law
Gerry Blass on Healthcare Vendor Risk Management
Cyberside Chats: Would you bury your driver's license? (with Whitney McCollum)
Matt Silverman on Export Compliance
Thobekile Cynthia Khumalo on Third Party Due Diligence
Sitting with the C-Suite: Blending eDiscovery Vendors and Law Firms
Ledgers and Law: Real-World Planning for Cyber Attacks
Education Data Privacy and Security Laws: Best Practices for School Districts
In House Counsel: How To Measure the Effectiveness of Your Staffing Strategy
Sitting with the C-Suite: Identifying Opportunities to Leverage Human Capital
Lessons for Health, Beauty & Wellness Companies [Part 2]: What Options Exist for a Vendor During Bankruptcy
Lessons for Health, Beauty & Wellness Companies: What to do When Your Buyer is in Financial Distress
Sitting with the C-Suite: How Should In-House Counsel Evaluate eDiscovery Service?
Strategies for Restaurant Owners to Survive in the New Normal
Compliance Perspectives: Supply Chain Compliance Challenges
The CCPA for the Land Title Industry: Service Providers and Sale of Data Under the CCPA
Compliance Perspectives: Supply Chains, Human Trafficking and Modern Slavery
Episode 120: Interview of NAVEX Global Third-Party Risk Officials: Chris Bailey and Stephen Gooding
PODCAST: Williams Mullen GovCon Perspectives - Recent Updates to the SWaM Certification Process in Virginia
Share on Twitter Share by Email Share Back to top HIPAA Security Risk Analyses (SRAs) should be the foundation of every digital health company’s cybersecurity compliance. Far more than a checkbox exercise, a comprehensive SRA...more
The ever-increasing privacy and security risks via third-party vendors and service providers were apparent in 2023 with news of large organizations such as MOVEit, Okta and AT&T being affected. Research has shown that 98...more
SCCE’s four-day Compliance & Ethics Essentials Workshop provides comprehensive education on the core elements of a compliance program. The curriculum is ideal for those new to or with little experience in compliance, as well...more
SCCE’s Compliance & Ethics Essentials Workshop provides a comprehensive introduction to the elements of a compliance program to enable attendees to be a more effective member of the compliance team. The workshop is ideal for...more
We recently dove into what vendor risk and vendor risk management entails. Once you understand that this is the risk that results from vendors, it’s simple to extend this and establish that vendor risk assessment (VRA), or...more
A recent FINRA regulatory notice recasts existing obligations regarding outsourcing as a procedural roadmap for broker-dealers to “consider” when using third-party vendors. The Financial Industry Regulatory Authority, Inc....more
Vendor risk management (VRM), or third-party risk management, is the management, monitoring, and evaluation of risks that result from third-party vendors and suppliers of products and services. It’s a crucial initiative...more
Organizations are becoming increasingly reliant on external parties to manage parts of their business, including their critical and sensitive data. While the specialized expertise and economies of scale that third parties and...more
Organizations are becoming increasingly reliant on external parties to manage parts of their business. The centralized knowledge, expertise, and economies of scale that third parties provide enables organizations to focus...more
The transformation to a work from home/work from anywhere model has become the new normal and even after the pandemic ends, many expect that model to continue. This accelerated transition has forced companies to embrace...more
On December 15, 2020, the FTC announced a proposed settlement with Ascension Data & Analytics, LLC, a mortgage industry analytics company, related to alleged violations of the Gramm-Leach-Bliley Act’s (GLBA) Safeguards Rule....more
This client alert will briefly outline key upcoming deadlines under the New York State Department of Financial Services (DFS) Cybersecurity Regulation (the “Regulation”). These include annual filing deadlines coming up in...more
Almost all parties are required to exchange personal data as part of a merger and acquisition transaction. With data breaches on the rise, any buyer in a M&A transaction cannot afford to ignore privacy and data security...more
For Department of Defense (DoD) acquisitions, the Conference Report for Fiscal Year 2018 NDAA includes provisions that simplify and others that complicate contractor responsibilities. Proposed supply chain diligence...more
A broker-dealer recently agreed to pay a $650,000 fine after an OSJ’s cloud vendor failed to adequately protect customer information. Apparently, an outside hacker was able to gain access to non-public personal information...more
Many of the largest retailer data security breaches have been caused or enabled by the acts or omissions of retailers’ vendors, such as the widely publicized incident at Target Corporation. Several such breaches occurred...more
Missouri Auditor Nicole Galloway recently announced plans to conduct cybersecurity audits of five school districts. Coinciding with National Cybersecurity Awareness Month, the audits are intended to reveal how school...more
On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing its second round of examinations of registered investment...more