Proskauer has released a white paper on “What Employers Need to Know about Europe’s General Data Protection Regulation.” As you may know, on April 14, 2016, the European Parliament approved the General Data Protection Regulation (“GDPR”), which will replace the EU’s current data privacy standard and begin to
Proskauer on Privacy
SEC Cybersecurity Update
Results from the SEC’s First Round of Cybersecurity Examinations. On February 3, 2015, the OCIE published a risk alert summarizing its findings from its examinations of over 100 registered investment advisers and broker-dealers. The examinations were conducted as part of the OCIE’s cybersecurity examination initiative, announced in April 2014, to assess cybersecurity preparedness in the securities industry and gather information on common practices and trends among registered firms. The OCIE interviewed key personnel and reviewed documents at 49 registered investment advisers and 57 registered broker-dealers. The OCIE’s findings focused on how registered investment advisers and broker-dealers:
- Identify cybersecurity risks;
- Establish cybersecurity policies, procedures and oversight processes;
- Protect their networks and information;
- Identify and address risks associated with remote access to client information, funds transfer requests and third-party vendors; and
- Detect and handle unauthorized activities and other cyber-attacks.
Article 29 Working Party Issues Statement Following Landmark CJEU Safe Harbor Ruling
Since the Article 29 Working Party on the Protection of Individuals (“WP29”) announced last week that it would it shortly issue a statement on the landmark CJEU ruling invalidating the Safe Harbor Decision (Schrems v. Data Protection Commissioner (C-362- 14)), we have been awaiting their guidance. Today, the WP29 issued an important statement offering some clarity to companies that, amid the fallout from the decision, have been pondering the question of “What’s next?”
SEC Announces Cybersecurity Enforcement Action
On September 22, 2015, the Securities and Exchange Commission (SEC) announced the settlement of an enforcement action against a St. Louis-based registered investment adviser (Adviser) brought under Rule 30(a) of Regulation S-P (Safeguards Rule). The SEC Order charged the Adviser with violating the Safeguards Rule by failing to adopt written…
SEC to Conduct Second Round of Cybersecurity Examinations
On September 15, 2015, the Office of Compliance Inspections and Examinations (OCIE) of the Securities and Exchange Commission (SEC) issued a Risk Alert announcing its second round of examinations of registered investment advisers and broker-dealers under its cybersecurity examination initiative.