Compliance
Cybersecurity breaches, attacks, data and customer privacy issues involving compliance regulations like HIPAA, PCI, Sarbanes-Oxley and more.
Oregon Amends Data Breach Notification Law
Oregon’s amended data breach notification law has new requirements, prohibits fees for security freezes and adds a specific notification timing requirement, Hunton Andrews Kurth explains.
Texas Medical Center Fined $4.3 Million for HIPAA Security Violations
A Texas cancer treatment center has been fined $4.3 million in civil penalties for violating HIPAA compliance rules.
Data Mapping: A Key Challenge in Achieving GDPR Compliance
The first step toward GDPR (general data protection regulation) is to map or collect all the personal data of the company. What does that mean? ISACA explains.
Arizona Amends Data Breach Notification Law
Arizona recently amended its data breach notification law, which now features a 45-day breach notification requirement. Hunton Andrews Kurth explains.
3 Immediate Steps to Lower Your Security Risk
Managing risk across an organization requires a lot of different things: setting strategy, determining tolerance, defining metrics. Delta Risk offers this advice.
Does Yahoo’s SEC Cyber Disclosure Settlement Set Enforcement Bar?
The SEC’s recent $35 million settlement over the Yahoo! data breach provides an object lesson in the consequences of failing to publicly disclose a major cyberattack.
Colorado Law Tightens Data Breach Notification Rules
Colorado Gov. John Hickenlooper has substantially tightened reporting requirements for organizations hit by a data breach and firmed up measures to protect consumers’ confidential information.
M&A and Cyber Diligence: New York’s DFS Issues a Reminder
Financial services & insurance companies with New York ties must look beyond their own data cybersecurity practices when considering M&A, Patterson Belknap explains.
Cambridge Analytica and Facebook: Latest Lessons for Enterprise
The Facebook and Cambridge Analytica data story offers timely lessons for leaders and practitioners in the security, risk and assurance communities. ISACA explains.
Privacy, Compliance or Breach Laws: Indifference Doesn’t Pay Off
Regulatory environments across the globe are changing to enforce data security, with a focus on data breach response. Here’s what to seek in a partner.