On June 18, 2024, the SEC announced a $2.125 million settlement with R.R. Donnelley & Sons Co. (“RRD”) related to the company’s 2021 ransomware attack (the “Incident”). The settlement, and the SEC’s accompanying cease-and-desist order (the … [Read more] about SEC Settlement Suggests the Agency’s Attempt to Regulate Cybersecurity Controls
In May 2024, the New York State Department of Health (“NYSDOH”) issued revisions to proposed regulations on hospital cybersecurity that it first released in November 2023. The proposed revised regulations are subject to public comment ending on July … [Read more] about New York State Department of Health Revises Proposed Hospital Cybersecurity Regulations
On Monday, June 17, 2024, the Department of Justice (DOJ) announced a settlement in which two U.S. based consulting companies agreed to pay a combined total of $11.3 million to resolve allegations that they violated the False Claims Act (FCA) by … [Read more] about DOJ Announces $11.3 Million in Settlements for FCA Violations
Today, the EU Artificial Intelligence Act (‘AI Act’) was signed into law. The AI Act will impose obligations on both private and public sector actors which provide, import, distribute, or deploy in-scope AI systems. It also contains obligations … [Read more] about EU Artificial Intelligence Act Signed Into Law
Peter Swire, Senior Counsel at Alston & Bird, has published a white paper at the Cross-Border Data Forum (“CBDF”), analyzing the definitions in the Protecting Americans’ Data from Foreign Adversaries Act of 2024 (“PADFAA”), which was passed on … [Read more] about Article: White Paper on Clarifying Definitions in the Protecting Americans’ Data from Foreign Adversaries Act of 2024