On May 21, the North American Securities Administrators Association (“NASAA”) announced a massive and coordinated series of enforcement actions by U.S. state and Canadian provincial regulators to combat fraudulent practices involving cryptocurrency-related investment products.
As cryptocurrencies have gained in popularity, companies have increasingly turned to a method known as an initial coin offering (“ICO”) to…
In a statement on Thursday, April 26, a key House Republican on CFPB issues effectively admitted that despite his own efforts and those of the Trump Administration including Acting CFPB Director, Mick Mulvaney, Congress will almost certainly make no changes to the structure of the CFPB this year. As a result, there will probably be…
On Wednesday, the U.S. Senate voted almost entirely along party lines to invalidate, under the Congressional Review Act, the Consumer Financial Protection Bureau’s (CFPB) (in)famous 2013 Bulletin on lending discrimination in the indirect auto market via discretionary mark-ups and dealer compensation policies. The 2013 Bulletin, construing the Equal Credit Opportunity Act and its implementing rule,…
Despite the lack of significant settlements for HIPAA enforcement by the federal Office of Civil Rights (OCR) so far in 2018, states have not hesitated to patrol privacy and security breach activity and take action against perceived violations. Indeed, under the HITECH Act, state attorneys general have their own HIPAA enforcement authority. Two recent settlements…
Health Information Highlight
Welcome back to our three-part series examining ways to efficiently identify, address and mitigate gaps in HIPAA compliance in transaction diligence. In Part I, we discussed four key diligence questions upon which buyers should focus their efforts in a transaction. In Part II, we reviewed considerations related to storage of and access…
On March 14, 2018, the SEC and DOJ sued Jun Ying, a former Chief Information Officer within an Equifax Inc. business unit, for insider trading. Specifically, they accused him of knowing about a significant Equifax data breach prior to its public disclosure and, while in possession of that material nonpublic information, exercising his Equifax options…
Health Information Highlight
Welcome back to our three-part series examining ways to efficiently identify, address and mitigate gaps in HIPAA compliance in transaction diligence. In Part I of this series, we discussed four key diligence questions upon which buyers should focus their efforts in a transaction. Here, we review considerations related to storage of…
Health Information Highlight
Welcome to a three-part series that will examine several ways to efficiently identify, address, and mitigate gaps in HIPAA compliance in transaction diligence.
A target’s value is often held in its information and people. An increased risk of HIPAA enforcement means that privacy and security diligence should not be a “check the…
This post originally appeared in our sister publication, Password Protected.
A “white hat” is an ethical computer hacker who specializes in penetration testing and other testing methodologies to ensure the security of an organization’s information systems. According to the Ethical Hacking Council, “The goal of the ethical hacker is to help the…
In a long-awaited constitutional decision regarding the Consumer Financial Protection Bureau (“CFPB”), the full D.C. Circuit Court of Appeals today in PHH v. CFPB reversed a prior ruling by a three-judge panel that the CFPB is unconstitutionally structured. As we previously reported, that prior panel’s prior decision — stayed since its issuance in October…
