Month: October 2023

HHS Reaches First Settlement with Health Care Firm Involved in Ransomware Attack

The U.S. Department of Health and Human Services announced a $100,000 settlement with Doctors’ Management Services for failures to determine the potential risks and vulnerabilities to electronic protected health information after a cyberattack exposed the information of more than 200,000 patients. It is notable in that it is the first

SEC Charges SolarWinds and Its CISO with Fraud, Control Failures

The Securities and Exchange Commission announced charges against Austin, Texas-based software company SolarWinds and its chief information security officer, Timothy G. Brown, for fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities. The complaint alleges that, from at least its October 2018 initial public offering through

FTC Expands Data Breach Reporting Requirements to Nonbank Financial Firms

The Federal Trade Commission has altered its data security rule, known as the Safeguards Rule, to require nonbank financial firms—including mortgage brokers, auto dealers, and payday lenders—to report data breaches to the agency, according to an announcement made Friday. The FTC’s Safeguards Rule requires non-banking financial institutions, such as mortgage brokers,

Health Care Patient Data Breaches Doubled in 2023, Reaching 87M

Health care companies are increasingly falling victim to sophisticated hacking efforts—including ransomware attacks—insider threats, and basic security flaws despite the highly confidential nature of patient data. According to new research by Atlas VPN, a virtual private network provider, 87 million patients in the United States had their personal information improperly

SEC Announces 2024 Examination Priorities

The Securities and Exchange Commission has released its 2024 examination priorities to alert companies of the areas that the Examination Division plans to focus on in the upcoming year. This year’s examinations will prioritize areas that pose emerging risks to investors or the markets in addition to core and perennial

Sanctions Screening and AML Programs: Embracing a More Holistic Approach

The effectiveness of sanctions screening and anti-money laundering (AML) programs has recently faced extraordinary challenges. The increasing reliance on digital technology, the war in Ukraine, a record surge in sanctions, heightened regulatory scrutiny, and the current economic environment have placed tremendous strain on already stretched compliance teams. Rapidly changing elements

SEC Adopts Dodd-Frank Era Rule on Securities Loans

The Securities and Exchange Commission has adopted a new rule which will require individuals and entities to report information about securities loans to a registered national securities association (RNSA) and require RNSAs to make publicly available information that they receive regarding those lending transactions. The rule is intended to increase

Reinforcing a Speak-Up Culture in Uncertain Times, Brick by Brick

GUEST BLOG POST: Finding ways for employees to feel comfortable speaking up when something isn’t right is challenging in the best of times. But with the backdrop of uncertainty from a bumpy economy and pending merger, the Activision Blizzard Ethics and Compliance team faces unprecedented headwinds. We’ll walk you through

Discover Bank Agrees to Compliance Fixes, Avoids FDIC Penalties

Discover Financial Services reached a consent agreement with federal regulators over failures in its Discover Bank unit’s compliance management system. In July, the company reported that it had received a proposed consent order from the Federal Deposit Insurance Corporation (FDIC) “in connection with consumer compliance.” But the company provided few