Tag archives: risk management

The aftermath of an incident – business considerations surrounding record-keeping

Photo of Jeremie Wyatt (CA)Photo of John Cassell (CA)Photo of Sara A. Levine, QC (CA)By Jeremie Wyatt (CA), John Cassell (CA) and Sara A. Levine, QC (CA) on Posted in Compliance and risk management, Data breach, Vendor management and transactions
innovation circuit boardIn our previous publication, we discussed the legal obligations and procedural considerations surrounding maintaining records of privacy incidents. While the specific obligations vary by jurisdiction, maintaining some form of a record that tracks privacy incidents is a statutory obligation for private-sector organizations subject to Quebec, Alberta, or federal laws. Organizations should also be aware of … Continue reading

FDA issues final guidance on postmarket medical device cybersecurity

Photo of Anna Rudawski (US)By Anna Rudawski (US) on Posted in Compliance and risk management, Regulatory response
Data Protection Report - Norton Rose FulbrightOn December 28, 2016, the U.S. Food and Drug Administration (FDA) released final guidance on the management of cybersecurity vulnerabilities for marketed and distributed medical devices.  The guidance establishes a risk-based approach for the reporting of medical device cybersecurity vulnerabilities to the FDA.… Continue reading

UK Hedge Fund Standards Board issues cybersecurity guidance

Photo of Marcus Evans (UK)By Marcus Evans (UK) on Posted in Regulatory response
Data Protection Report - Norton Rose FulbrightThe UK Hedge Fund Standards Board (HFSB) announced on September 17, 2015, that it has added a “Cybersecurity Memo” to its Toolbox function. The Toolbox provides guidance to managers, investors, and fund directors on fund-related issues such as governance, internal processing, and reporting. The Toolbox acts as a complement to the HFSB’s standard-setting activities.… Continue reading
LexBlog