Category Archives: Regulatory Compliance

Simplify NAIC Data Security Law Compliance

What is the NAIC Data Security Model Law? The National Association of Insurance Commissioners (NAIC) Data Security Model Law (Model Law) requires insurers and other entities licensed by state insurance departments to develop, implement, and maintain an information security program that contains key cyber security safeguards and management oversight. The NAIC was law adopted in […]

Simplify Compliance with FTC Safeguards Rule

Understand the key requirements of the FTC Safeguards Rule and how to effectively build and maintain and written information security program to maintain compliance. What is the FTC Safeguards Rule? The Federal Trade Commission (FTC) created the Standards for Safeguarding Customer Information (“FTC Safeguards Rule”) to ensure that businesses maintain a cyber security program to protect private […]

Comply with new SEC Cybersecurity Risk Rules

In February 2022 the Securities and Exchange Commission (SEC) voted to enhance the cyber security requirements for registered investment advisers (including registered investment companies and investment funds). The proposed SEC cyber risk management rules would require advisers and funds to adopt and implement a program with written cybersecurity policies and procedures designed to address cybersecurity […]

How to Develop an IRS Data Security Plan

The Internal Revenue Service (IRS) recently added a requirement for all tax preparers to develop a “Data Security Plan” to protect customer data. The IRS responded to growing threats against small businesses that handle sensitive customer information. Tax professionals can be ideal targets since electronic tax data contains lots of personal information that would be […]

Information Shield Enables Department of Labor Cyber Requirements

In April 2021 the United States Department of Labor (DOL) issued its first guidance to help retirement plan sponsors and administrators implement a sound cyber security program.  The Department of Labor estimates that over $9 trillion in assets are held in various retirement plans, making them prime targets for hackers.    The Employee Benefits Security Administration (EBSA) […]

New IRS Cyber Security Plan Template simplifies compliance

The IRS now requires that every tax preparer that files electronic returns must have a Cyber Security Plan in place.  For months our customers have asked us to provide a quality solution that (1) Addresses key IRS Cyber Security requirements and (2) is affordable for a small office.   Today we announced the release of our […]

Remember NYS-DFS? First Enforcement Action

First Enforcement Action Signals a Need for Cyber Review In March 2017, the New York State Department of Financial Services passed their cyber law – Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R. Part 500 (NYS-DFS 500).   The law imposed formal cyber security requirements for covered insurance entities and their vendors.  This law was groundbreaking at […]

New Cybersecurity Certification Validates Program Maturity

Information Shield program enables any organization to validate cybersecurity practices HOUSTON, January 10, 2020 – Information Shield today announced the release of the Information Shield™ Cyber Certification.   This new program dramatically reduces the time and cost of validating cybersecurity readiness to management and third parties across the information supply chain. “Cyber regulations and vendor due-diligence […]

Simplify Compliance with new ACC Security Controls

Attorneys Create New Control Framework The Association of Corporate Counsel (ACC), which represents over 42,000 in-house counsel across 85 countries, recently released a new control model to help organizations interact with outside parties when dealing with sensitive information.  This is among the many new business domains areas where vendor risk management has become a key issue. […]