Premium Content | Compliance Week – Page 31
-
PremiumPrivacy Shield replacement on track, though hurdles remain
The agreement on a new framework for transatlantic data flows between the United States and European Union could be finalized this year. Whether it can stand legal scrutiny is the real question.
-
PremiumAnti-ESG fervor catching fire with Republican lawmakers
The blowback against environmental, social, and governance initiatives in investments and corporate strategies is quickly building momentum in conservative politics, with nearly two dozen states proposing bills that limit ESG investments.
-
PremiumAsk a CCO: Most difficult element of data privacy compliance
Four senior compliance practitioners offer their take on the elements of data privacy compliance businesses can expect to be most difficult to confront.
-
PremiumAsk a CCO: Company investment in data privacy efforts
Four senior compliance practitioners discuss how their respective companies invest in compliance with varying data privacy requirements.
-
PremiumCalifornia ‘setting the tone’ for privacy push with CPRA updates
Changes to the California Consumer Privacy Act set to come over the course of 2023 strengthen the nation’s first comprehensive state privacy law to a benchmark no other states have yet to equal.
-
PremiumCongress or FTC? What about SEC? Where U.S. federal privacy legislation efforts stand in 2023
As more state laws hit the books, businesses are more adamant than ever Congress needs to pass a federal data privacy law. If lawmakers don’t rise to the occasion, which government agency might?
-
PremiumAsk a CCO: Roles in data privacy compliance efforts
Four senior compliance practitioners share their roles in ensuring data privacy compliance at their respective companies and the other departments that support their efforts.
-
PremiumRuling in Experian GDPR case thrusts ‘legitimate interest’ into spotlight
Experian won a legal battle against the U.K. Information Commissioner’s Office after the data regulator ordered the credit reference agency to make “fundamental changes” over the way it handled personal data for direct marketing purposes or stop altogether.
-
PremiumAsk a CCO: Plan for complying with varied U.S. privacy laws
Four senior compliance practitioners detail steps their respective companies are taking to confront the expanding U.S. data privacy legislation landscape.
-
PremiumBest practices for navigating changing U.S. data privacy landscape
With five new or amended state laws set to hit the books in 2023, companies would be wise to ensure their data privacy compliance house is in order—and start preparing for the next wave of legislation.
-
PremiumCloud ‘not a silver bullet’ for security
A panel of cyber experts and a chief compliance officer in financial services discussed the business risks, threat vectors, and vendor ‘gotchas’ associated with transitioning to a cloud provider at CW’s virtual Cyber Risk & Data Privacy Summit.
-
Premium‘This is where we are now’: Cyber environment calls for continuous monitoring
Securing your organization’s private data when vendors have access to it means managing relationships from beginning to end, panelists at CW’s virtual Cyber Risk and Data Privacy Summit agreed.
-
PremiumHHS proposal aims to ‘shine a light’ on nursing home ownership
It is still too early in the rulemaking process to know what will be included in the Biden administration’s final rule on transparency of nursing home ownership, but there are some steps facilities can take to prepare, according to experts.
-
PremiumChatGPT comes with compliance caveats, experts warn
There are downsides to every new technology, and artificial intelligence and machine learning are no exception. Experts discussed the importance for compliance professionals to understand the risks of such tools at CW’s virtual Cyber Risk & Data Privacy Summit.
-
PremiumCybersecurity pillars: Prevention, protection, mitigation, governance
The former superintendent of the New York State Department of Financial Services explained how the structure of a cybersecurity program is like a compliance program and can be divided into four buckets during a panel discussion at CW’s Cyber Risk & Data Privacy Summit.
-
PremiumGDPR push for privacy by design still ‘a long way off’
Italy’s data protection authority banned U.S.-based AI chatbot creator Replika from processing the personal data of Italian users because of risks the service posed to minors and vulnerable people—the latest example of a tech company’s product running afoul of the GDPR.
-
PremiumCISA strategist: What is an SBOM and why it matters to compliance
Cyberattacks on software are increasing, and the best chance organizations have of protecting themselves is to know about potential vulnerabilities through a software bill of materials, CISA Strategist Allan Friedman shared at CW’s virtual Cyber Risk & Data Privacy Summit.
-
PremiumComerica pressured over handling of government program fraud claims
Comerica Bank has been battling allegations for years of mishandled fraudulent transactions in violation of U.S. federal banking laws. A series of class-action lawsuits against the bank recently certified by a federal district court judge provide scope into the alleged failings.
-
PremiumSurvey: Cybersecurity, regulatory risks lead TPRM priorities in 2023
Respondents to a survey from Compliance Week and Dun & Bradstreet overwhelmingly indicated cybersecurity to be the most important compliance-related area affecting third-party risk management in the new year, though fraud and other risks should still be on their radar.
-
PremiumSFO’s Balli Steel win latest to leverage international cooperation
The Serious Fraud Office secured the convictions of two executives at failed British steel trading business Balli Steel on six counts of fraud. Legal experts examine whether “record-breaking” international cooperation in the case served as a crutch for the U.K. regulator.