Compliance Archives

Judy Selby on Improving Cyber and Privacy Board Reporting

July 19th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Compliance, Cybersecurity, Directors & Officers, Information Technology Law, Risk Management|

"While general awareness of cyber risks among corporate boards is increasing, even the most motivated and knowledgeable directors cannot effectively fulfill their duties without receiving appropriate data about the organization’s risk profile. Unfortunately, however, there appears to be a disconnect between management and boards when it comes to cyber risk reporting . . . In order for directors to effectively discharge their duty of active, informed, and engaged oversight, the information they receive must be relevant, understandable, reliable, and objective." Judy Selby, JD Judy Selby Consulting Read the full article and Judy's tips for improving board reporting. Judy Selby of Judy Selby Consulting

BitSight Releases eBook on Use of A.I. & Big Data in Continuous Cyber Risk Monitoring

July 18th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Compliance, Cybersecurity, Data Breach, Data Privacy, Risk Management|

"With every reported data breach or cyberattack, the cyber risk landscape gets a little more complex. Cyber criminals create new attack vectors, cybersecurity professionals develop new controls to protect their systems, the criminals get to work circumventing the controls, and so on.The result of this back and forth is that cyber risk professionals have a huge variety of risk factors to worry about. In response, risk managers and security specialists need to develop extremely complex cybersecurity programs to make sure all of their bases are covered. "With so many cybersecurity risks to consider, it’s inevitable that some will receive less attention than they deserve. Unfortunately, these overlooked risk factors could play a role in your next cyberattack, and if your financial services firm isn’t prepared, that could be extremely costly." Read more. We're looking forward to seeing the BitSight team in Bermuda Dec. 6-7, 2018, at the International Cyber Risk Management Conference.

CBD: Confusing Regulations May Soon Find at Least Some Clarity — But Proceed With Caution

July 16th, 2018|Categories: Complex Business Litigation, Corporate Compliance, HB Risk Notes|Tags: Cannabis, Compliance, Corporate & Securities, Drug Laws, Regulations|

By Tom Hagy July 16, 2018 Proponents say the medical benefits are many and magnificent. You can feel better without feeling stoned. While that will be disappointing to some, people enduring a variety of ailments may find relief, proponents and some studies say. From inflammation to pain to anxiety. From arthritis to alcoholism to diabetes. From psychoses to seizures. Cannabidiol may cure what ails you. And in many cases the science is there, even studies sponsored by the government, say the folks at Project CBD. While the regulations vary from state to state, and the definitions can be confusing, clarity is coming for at least the hemp-derived variety of products – as opposed to its sister cannabis plant, marijuana – with the likely passage of Senate Majority Leader Mitch McConnell’s Hemp Farm Bill. The measure is also noteworthy because it has drawn rare bipartisan support. CBD can be found in just about anything, from skin care products to pain medications to anti-seizure drugs—even beer. Companies, including large retailers, like Target, have tried to sell or are selling products containing CBD online or across state lines. While small compared to the marijuana industry, CBD is on a serious growth trajectory. “Spending on legal cannabis worldwide is expected to hit $57 billion by 2027,” according to an article at Forbes.com, written by Thomas [...]

CBD: Legal or Not? | Webinar | Aug. 16, 2018 | 2pm

July 13th, 2018|Categories: Corporate Compliance, HB Risk Notes, Law Firm Operations|Tags: Compliance, Corporate & Securities, Law Practice Management, Legal Research & Writing, Regulations|

[two-fifths-first] DATE: Thursday, Aug. 16, 2018 TIME: 2 p.m. EDT; 1 p.m. CDT; 12 p.m. MDT; 11 a.m. PDT PLACE: Your computer PRICE: $197 per dial-in site (unlimited attendance at one location) through Aug. 3, $247 thereafter Register by Aug. 3 and save! For more information, email leslie.davidson@litigationconferences.com. Your webinar registration includes: • A site license to attend this webinar (invite as many people in one location as you can fit around your computer at no extra charge). • Downloadable PowerPoint presentations from our speakers. • The opportunity to connect directly with speakers during the audience Q&A session. • At least one-hour of CLE credit. Speakers Daniel Shortt Harris Bricken Seattle Alison Malsbury Harris Bricken San Francisco [/two-fifths-first][three-fifths] With so many studies coming out on the benefits of CBD, a lot of people and companies see tremendous market opportunities and are diving in. Whether derived from industrial hemp or marijuana, these days CBD can be found in just about anything, from skin care products to pain medications to anti-seizure drugs—even beer. Companies, including large retailers like Target, have tried to sell or are selling products containing CBD online or across state lines. But determining the legal status of CBD isn’t easy. Because CBD is a cannabis derivative, the biggest question, of course, is whether or not it’s even legal under [...]

California Enacts the ‘First Truly Sweeping Privacy Regime’ in Record Time

July 5th, 2018|Categories: Corporate Compliance, HB Risk Notes, Technology Law|Tags: Compliance, Corporate & Securities, Data Privacy, Privacy, Regulations|

The California legislature -- apparently not wanting to be pegged as just another slow-moving governing body -- took the California Consumer Privacy Act of 2018 from proposal to passage to signing in one week. Critics weren't sitting on their hands either. "Businesses Blast California’s New Data-Privacy Law," read one headline in the Wall Street Journal. For consumers, Californians anyway, the good news is that they can refuse to allow companies to sell their personal data. But, the WSJ reported, business across the country say the law will cause "far-reaching damage to everything from retailers’ customer-loyalty programs to data gathering by Silicon Valley tech giants." Law firms are cranking out their advisories and analyses. Sullivan & Cromwell says the CCPA establishes a new privacy framework for covered businesses by: "Creating an expanded definition of personal information for purposes of the Act; "Creating new data privacy rights for California consumers, including rights to know, access, have deleted and opt out of the sale of their personal information; "Imposing special rules for the collection of consumer data from minors; and "Creating a new and potentially severe statutory damages framework for violations of the Act and for businesses that fail to implement reasonable security procedures and practices to prevent data breaches." The firm also offered a quick comparison between the CCPA and the GDPR. "At a [...]

Congressional Cannabis Proposal Would Can Criminalization

June 8th, 2018|Categories: Complex Business Litigation, Corporate Compliance, HB Risk Notes|Tags: Cannabis, Compliance, Corporate & Securities, Drug Laws, Emerging Litigation & Risk|

Could this be the thing that brings the parties together? Here is a quote from an article written for Forbes.com by freelance writer Janet Burns. [Jolene Forman, staff attorney at the nonprofit Drug Policy Alliance] called the bill a "first step," and noted, “This bipartisan proposal clears the way for states to develop their own marijuana policies without fear of federal intervention. This will give states more opportunity to restore communities that have borne the brunt of the drug war and mass criminalization." So far, 30 states, Washington, DC and the U.S. territories of Guam and Puerto Rico have enacted medical marijuana legislation, while estimates suggest that 63 million Americans reside in areas where anyone over 21 may now legally possess the plant.

Insurance Coverage and GDPR: What’s Your Financial Exposure? –Linda Kornfeld, Blank Rome

May 28th, 2018|Categories: Corporate Compliance, HB Risk Notes, Insurance|Tags: Compliance, Cybersecurity, Data Privacy, Insurance Claims Recovery, Insurance Companies|

In her recent article -- GDPR Is Finally Here: It’s Time to Make Sure Your Current Cyber Policy Will Protect against New Financial Exposures -- Blank Rome insurance coverage partner Linda Kornfeld wrote: Companies can face large financial exposure for GDPR “fines or penalties.” Are they covered under currently worded cyber policies? The answer is, maybe not if your policy, e.g., covers regulatory proceedings addressing only failures to protect private information, as opposed to GDPR proceedings that may address broader noncompliant data collection and use practices. Additionally, coverage for GDPR fines or penalties may be more restricted under the laws of many European countries than the laws of certain states in the United States. Your insurer may agree to choice of law language in your policy that will increase the chances of coverage. On behalf of all of us at HB -- Congratulations to Linda on her move to Blank Rome! Now Vice Chair of the firm's Insurance Recovery Practice Group, Linda is one of the nation’s most prominent insurance recovery attorneys, representing corporate policyholders in high-stakes litigation for more than 25 years. Using strategic, creative approaches in her trial and appellate practice, Linda assists her clients in the recovery of hundreds of millions of dollars in insurance assets. She is a strategic adviser to senior executives and in-house counsel on mitigating risk [...]