Header graphic for print
Global Media and Communications Watch The International Legal Blog for the Tech, Media and Telecoms Industry

Tag Archives: risk management

Posted in Cybersecurity Mark BrennanBret Cohen

NTIA Seeks Comment on New, Outcome-Based Privacy Approach

Yesterday, the U.S. Department of Commerce’s National Telecommunications and Information Administration (NTIA) issued a Request for Comments (RFC) on a new consumer privacy approach that is designed to focus on outcomes instead of prescriptive mandates. The RFC presents an important opportunity for organizations to provide legal and policy input to the administration, and comments are due October 26.The RFC notes … Continue Reading
Posted in Data Protection & Privacy Harriet PearsonPaul Otto

NIST Updates Cybersecurity Framework Guidance

In the past month, the National Institute of Standards and Technology (NIST) has issued a draft update to its flagship cybersecurity framework as well as new standalone guidance on how organizations can plan to recover from cybersecurity events. The publication of these documents demonstrates NIST’s ongoing focus on providing substantive guidance to the private and public sectors alike on cybersecurity … Continue Reading

Posted in Data Protection & Privacy Harriet Pearson

Ready, Set, Respond – Hogan Lovells Launches Global Cybersecurity Resource Portal

Cybersecurity risk continues to evolve at an astonishingly rapid rate, prompting companies to review and adjust their plans to deal with the fast-moving threats posed by an increasingly connected world. At the same time, cybersecurity law and regulation around the world are coming of age. In this complex and uncertain environment, it is not surprising that lawyers are increasingly being … Continue Reading

Posted in Data Protection & Privacy

OCR Emphasizes Security Obligations of Business Associates with Latest Enforcement

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) is taking an aggressive stand on HIPAA enforcement and targeting violations related to security risk assessments and business associate agreements. Three resolution agreements posted in the last month make clear that the agency expects entities subject to HIPAA to take appropriate steps to secure their data, regardless … Continue Reading