Join FoxPointe Solutions for our 12th Annual Compliance Bootcamp. Coming to Albany, NYC, and Rochester. Register now to secure your spot.
Join FoxPointe Solutions for our 12th Annual Compliance Bootcamp. Coming to Albany, NYC, and Rochester. Register now to secure your spot.
Receive articles and resources from the information risk management experts at FoxPointe.
Your organization and its risk management leaders face disturbances on multiple levels every day, encompassing cybersecurity, privacy, regulatory management, and focused and widespread malicious actions and actors, technological weaknesses, organizational apathy, human errors, etc. Preparation, assessment, and pragmatic execution of the needed controls are vital to address these disruptions and...
Incident Management Efficiency Recently, the NYS Office for People with Developmental Disabilities (OPWDD) has been placing a stronger focus on Incident Management, primarily surrounding timely completion of investigations of reportable incidents. The following is a high-level overview of OPWDD’s Part 624 Regulations. OPWDD requires voluntary agencies to have a process...
Privacy vs. Security Privacy and security often work hand in hand to support each other, but each has its own distinct role. Data privacy includes policies and procedures that define how information is gathered, stored, accessed, and destroyed. Security is comprised of the people, processes, and technologies put into place...
Why Your Organization Needs a Gap Assessment Today and the Top Benefits of Partnering with a QSA The Payment Card Industry Security Standards Council (PCI SSC) has released version 4 of the Data Security Standard (DSS). This is the first major update to the standard since PCI DSS v3.0 was...
After a multiyear process of proposals and assessment of public comments, the New York State Department of Financial Services (NYSDFS) has made significant amendments to its Cybersecurity Regulation, 23 NYCRR Part 500. The rule is final and effective as of November 1, 2023. Let’s take a comprehensive look at each...
Updates to the SEC Cybersecurity Disclosure Rules Days before the new Securities and Exchange Commission (SEC) cybersecurity disclosure rules went into effect (which FoxPointe previously discussed here) Erik Gerding, Director of Corporation Finance of the SEC, issued a statement offering some thoughts, rationale and perspective on the rules in an...
With 2024 upon us, it is time for us to assess the current trends across the cybersecurity landscape, identify new risks and new solutions, and speculate about what next year may bring. With each month that goes by, there are new headlines, laws and regulations, and general cybersecurity issues that...
Without a doubt, supporting the continually cyber-attacked infrastructures of our healthcare providers is on the minds of every person in leadership roles at every health system. Anything that can help protect our valuable systems and data and support the missions of our health systems should be explored. Regarding this recent...
Maintaining an effective compliance program should be a key component within any organization’s overarching strategy. In this article, we will be reviewing the importance of maintaining an effective compliance program and ways in which you can conduct a valuable assessment of your organization’s compliance program. Assessing Your Compliance Program –...
The sky is falling and Artificial Intelligence (AI) is the reason, or so it has been said. In reality, threats from phishing, malware, and data exfiltration have been around for years. The introduction of AI is just the next phase in this cyberthreat evolution. It’s Not All Bad AI has...
This article was written by Paul Mayer, June Crawford, and Heather Brownson To celebrate this year’s Corporate Compliance & Ethics Week (11/5-11/11 2023), The Compliance Solutions team at FoxPointe Solutions, a division of The Bonadio Group, wanted to share a few important reminders related to New York State’s mandatory compliance...
Many organizations understand that SOC compliance has become an invaluable resource in providing assurance to your clients that you are doing everything possible to keep their data and systems safe in a world were threats of cyberattacks loom at every front. Before you begin your process in engaging in a...
