The Securities and Exchange Commission’s Office of Compliance Inspections and Examinations (OCIE) issued a risk alert on compliance issues related to privacy regulations. The alert comes from recent examinations of broker-dealers and registered investment advisers. Regulation S-P is the primary SEC rule regarding privacy notices and safeguards. The Risk Alert doesn’t cover all of the…
Category: Privacy
Phone Phishing
The old-fashioned telephone turns out to be a way to hack into other people’s accounts. Voya Financial was the victim of cybercriminals using their phones instead of their computers. Voya ran the portal for its investment advisers and registered representatives to manage the accounts of their customers. Voya also had a support line to…
New SEC Rule to Protect Investors from Identity Theft
The Securities and Exchange Commission adopted new rules requiring investment advisers, broker-dealers, mutual funds, and certain other entities regulated by the agency to adopt programs to detect red flags and prevent identity theft. In 2010, the Dodd-Frank Wall Street Reform and Consumer Protection Act amended the Fair Credit Reporting Act to add the SEC to…
Data Breaches in Massachusetts
Through September 30, 2011, the largest share of breaches was not in the financial sector, but in the retail and healthcare industries, along with government. On October 31, 2007, the Commonwealth’s Data Security Breach Law, Mass. Gen. Law c. 93H, went into effect. On March 1, 2010, the Office of Consumer Affairs and Business Regulation’s…
Proposed Identity Theft Red Flags Rules
Identity theft is a serious problem. Title X of the Dodd-Frank Wall Street Reform and Consumer Protection Act increased the scope of firms that would be subject to federal regulatory requirements on identity theft rules. The Securities and Exchange Commission and the Commodity Futures Trading Commission just published a proposed rule addressing that new scope. Section…
Enforcement of the Massachusetts Data Privacy Law
It’s been almost 18 months since the Massachusetts Data Privacy Law went into effect. Belmont Savings Bank has become one of the first charged with violating the law. Belmont Savings Bank maintained personal information on an unencrypted backup data tape and then lost the tape. According to surveillance footage, the tape was likely discarded inadvertently by…
Is Your Copier in Compliance?
I remember the days of the mimeograph. In class people would inevitably sniff the newly printed pages. For a teacher, the danger was that the latent copy would fall into the wrong hands. Animal House highlighted that danger. Current day copiers are much more advanced than the mimeograph, but the dangers of the latent copy…
Data Privacy Day
Data Privacy Day is January 28, 2011. There are events throughout the week to inform and educate us all about our personal data rights and protections. Here are some key reminders: Never Post or Share Personal Information such as a date of birth, personal address, or maiden name because identity thieves now friend as many…
Dilbert on Employee Email Privacy
It looks like even Dilbert is keeping an eye on the Quon case at the Supreme Court.
Feds Release Usable Model Consumer Privacy Notice
There was much cheering when federal regulators finally released their Final Model Privacy Notice Form back in November. That was quickly followed by a gnashing of teeth when it turned out the regulators did not understand the concept of a form or how to use Adobe Acrobat. They merely created a static document that you…

