Last week, the HHS Office for Civil Rights (OCR) released a crosswalk between the requirements of the HIPAA Security Rule and the NIST Cybersecurity Framework. The crosswalk – which was developed in conjunction with the National Institute of Standards and Technology (NIST) and the HHS Office of the National Coordinator for Health IT – maps each […]
Regulation
SEC Continues to Focus on Cyber-related Disclosures
Participating in a panel at the “SEC Speaks” event on February 19, Deputy Director of the SEC’s Enforcement Division Stephanie Avakian expressed that the Commission continues to focus on cybersecurity as a top priority in 2016. Avakian discussed the Commission’s cybersecurity concerns in three contexts: (1) failure of registered entities to follow Rule 30(a) of […]
President Obama Announces Cybersecurity National Action Plan
On February 9, 2016, President Barack Obama unveiled his new Cybersecurity National Action Plan (CNAP), a comprehensive approach to confront cybersecurity challenges. As articulated in the CNAP Fact Sheet released by the White House, CNAP takes “near-term actions and puts in place a long-term strategy to enhance cybersecurity awareness and protections, protect privacy, maintain public […]
Article 29 Working Party announces its 2016 Action Plan for GDPR Preparedness
During a press conference held on February 3, 2016, the President of the Article 29 Working Party (“Working Party”) discussed the Working Party’s 2016 action plan concerning the new General Data Protection Regulation (“GDPR”). The action plan lays out the groundwork required to prepare the DPAs for their new role under the GDPR and to […]
EU Working Party Discusses Data Transfer Framework
Today, the consortium of European data protection authorities, the Article 29 Working Party (“WP29”), released a much awaited statement on the consequences of the European Court of Justice (“ECJ”) decision that invalidated the Safe Harbor framework. Companies will be relieved to find that alternative transfer mechanisms, such as Model Contracts or Binding Corporate Rules, are […]