New Integrated Third-Party Risk Management Guidance from the OCC, Federal Reserve, and FDIC

by Gary Roboff, Senior Advisor | June 22, 2023 | Guidance, Public Policy

Regulators have developed “principles-based guidance that provides a flexible, risk-based approach to third-party risk management that can be adjusted to the unique circumstances of each third-party relationship.” On June 6th, less than 20 months after comments closed, the Federal Reserve, The ....

Coherent Corporate Sustainability Due Diligence and Reporting Frameworks Are Arriving In the EU…

by Gary Roboff, Senior Advisor | February 22, 2023 | Public Policy

and...Third Party Risk Managers Everywhere Should Pay Attention! Third-party risk managers should be paying attention to important ESG regulatory developments in the European Union, where two pieces of regulation became effective within the last month and one more may be on the cusp. Third-party ri ....

Spotlight on the Gramm-Leach-Bliley Act (GLBA)

by Linnea Solem | July 5, 2022 | Data Protection, Public Policy

Last week Bob Maley, Chief Security Officer at Black Kite and I led a Fireside Chat discussion on the current regulatory landscape regarding privacy and security. While state laws continue to advance and there is momentum for a Federal U.S. Privacy Regulation, the update by the Federal Trade Commiss ....

What HIPAA Misses: Healthcare’s Patient Privacy Issue

by Kristen Hicks | April 12, 2022 | Data & Cybersecurity, Health Insurance Portability and Accountability Act (HIPAA), Healthcare, Industry Verticals

Data privacy is a fraught subject in any industry. But in healthcare, the stakes are especially high. Many consumers have made (at least some degree of) peace with trading personal data for the convenience of entertainment offered by their favorite apps. But people aren’t necessarily willing to ma ....

Prepare for New Regulations in Data Privacy Laws

by Eric Krell | November 22, 2021 | Regulations

Add data privacy laws to the list of trends whose adoption accelerated during the past few years. In 2018, a grand total of two privacy bills were introduced in U.S. statehouses, according to data shared by the International Association of Privacy Professionals (IAPP). The next year, 16 privacy bill ....

Cyber Incident Reporting Act: Clock Is Ticking

by Sabine Zimmer | September 29, 2021 | Business Continuity, Public Policy

In response to the surge of major cyberattacks over the past year, Congress has responded with the Cyber Incident Reporting Act. This bipartisan legislation sets timelines for organizations to report cyber incidents to the Cybersecurity and Infrastructure Security Agency (CISA). These t ....
