Eversheds Sutherland Cybersecurity and Privacy Insights Blog
content top

EU-U.S. Privacy Shield – Full Text Released

On February 29, 2016, the European Commission released the text of the EU-U.S. Privacy Shield. The text reveals the details of a new framework that will place stronger obligations on U.S. companies to protect the personal data of EU citizens. It will also involve heightened compliance requirements and authorizes enforcement measures by the U.S. Department of Commerce (Commerce) and the...

EU-US Privacy Shield: European Union and U.S. Reach Agreement in Principle for New Data Transfer Framework – But Uncertainty Remains

On February 2, 2016, the European Commission (EC) and the U.S. Department of Commerce (Commerce) announced that they had reached agreement on a new data transfer safe harbor arrangement for the transfer of personal data from Europe to the U.S. The new safe harbor pact, called the EU-US Privacy Shield, was negotiated in the wake of the EU Court of Justice’s (CJEU) decision in October...

They’re Baaaack . . . SECs Office of Compliance Inspections and Examinations Releases New Cybersecurity Risk Alert

Yesterday, the U.S. Securities and Exchange Commission (SEC) Office of Compliance Inspections and Examinations (OCIE) released a Risk Alert describing OCIE’s 2015 cybersecurity exam initiative.  [link to www.sec.gov/ocie/announcement/ocie-2015-cybersecurity-examination-initiative.pdf].  As the Risk Alert notes, OCIE’s new cybersecurity initiative builds on information OCIE learned from...

What Funds Can Take Away From SEC Cybersecurity Guidance

In late April 2015, the U.S. Securities and Exchange Commission responded to the heightened risk of data breaches at the entities it regulates by issuing prescriptive guidance on cybersecurity for all investment advisers and registered investment companies, including mutual funds, insurance separate accounts and business development companies (funds). In her article for Law360,...

DOJ Publishes Cyberincident Response Best Practices Document

The Cybersecurity Unit of the Department of Justice (DOJ) has published a “best practices” document to assist organizations in developing a response plan for cyberincidents. The document, titled Best Practices for Victim Response and Reporting of Cyber Incidents, focuses on steps organizations should take before, during and after a cyberincident and emphasizes the need for...

« Older Entries