GDPR is in Effect – What Now?

If you had been listening to all the proclamations on May 25, 2018 when GDPR was to come into effect, you may have been surprised when it felt like any other Friday.  GDPR came into effect quietly and no one was fined in all of 2018. Don’t take that to mean that European Data Protection… READ MORE

GDPR: Impacts on American Firms without EU Clients

Confirmation that your firm does not hold any EU resident’s (“data subjects”) data is the first step in complying with the new General Data Protection Regulation (“GDPR”), effective May 25, 2018.  There will still be some decisions and changes awaiting you.  Firms without any EU residents’ data will be impacted in three main ways: deciding if the… READ MORE

Cybersecurity Deadline Approaches – Preparing your firm for the first phase of New York’s ’ Cybersecurity Rule 23 NYCRR 500

The first phase implementation date of New York’s “Cybersecurity Requirements for Financial Services Companies” rule is August 28th, 2017.   The rule requires firms to develop and maintain a cybersecurity program designed to protect the confidentiality, integrity and availability of their information systems.  The program must be based on a risk assessment, identify and assess internal… READ MORE