Compliance and Enforcement for Organizations Posts

Another Look at Third-Party Management: Why We’re Missing 31% of Material Risks

Privacy regulators increasingly are prescribing rules around third-party vendor and data processing management. As of March 1, 2019, for instance, New York’s Department of Financial Services (NYDFS) requires that Covered Entities establish policies and procedures for assessing the risks posed by vendors, determining minimum cybersecurity and privacy practices, conducting due diligence, and following up with periodic assessments.

DOJ Announces Procurement Collusion Strike Force

On Nov. 5, the U.S. Department of Justice issued a press release announcing the formation of the new Procurement Collusion Strike Force (PCSF) focusing on deterring, detecting, investigating and prosecuting antitrust crimes.

October 2019 Council Updates

During its meeting in New York City on October 17 and 18, the ALI Council reviewed drafts for seven Institute projects. Drafts or portions of drafts for six projects received Council approval, subject to the meeting discussion and to the usual prerogative to make nonsubstantive editorial improvements.