A recent study by ThreatTrack Security found malware analysts are better equipped to protect against cyber-attacks but continue to face internal challenges to network defense. Additionally, many organizations are not disclosing data breaches to the customers, partners and others who entrusted their data to them.
Beginning January 30, 2014, employers with more than four workers must provide reasonable accommodations to pregnant employees and new mothers under the New York City Pregnant Workers Fairness Act (NYCPWFA). The amendment to the New York City Human Rights Law (NYCHRL) broadens existing employer accommodation requirements with respect to employee pregnancy, childbirth and related medical conditions.
The Iran Threat Reduction and Syria Human Rights Act of 2012 (ITRA), which became effective earlier this year, requires companies registered with the Securities and Exchange Commission (SEC) to disclose in their annual or quarterly reports — among other things — any transactions or dealings involving Iran. Since February, companies have filed more than 400 of these disclosures, but so far none have resulted in any SEC-initiated enforcement actions.
A new study by the business intelligence firm Control Risks and the Economist Intelligence Unit (EIU) found "disturbing gaps" in corporate policies designed to prevent and respond to bribery and corruption issues. The study, "International Business Attitudes to Corruption," surveyed the general counsel, senior corporate attorneys and compliance heads of more than 300 companies.
A check-cashing company and its owner pleaded guilty to violations of the Bank Secrecy Act arising from their failure to follow anti-money laundering reporting requirements with respect to more than $19 million in check-cashing transactions, the Department of Justice (DOJ) announced. The plea agreement requires defendants Craig Panzera and his check-cashing business, Belair Payroll Services Inc., to forfeit $3.2 million and Panzera to pay restitution of nearly $1 million.
The Payment Card Industry Security Standards Council (PCI Council) issues new versions of the PCI Data Security Standard (PCI-DSS) and the Payment Application Data Security Standard (PA-DSS) every three years based on input from credit card companies, merchants and others that handle consumer credit-card data. This month, the PCI Council issued version 3.0 of the standards. They take effect January 1, 2014, and businesses have until the end of 2014 to come into compliance.
Within the last decade, the Equal Employment Opportunity Commission (EEOC) has seen a surge in the filing of religious discrimination claims. In 2012, the EEOC received about 4,000 complaints, compared to just 2,500 in 2003. Despite the sharp rise in complaints, the number of lawsuits the agency has filed against employers has decreased by 50%. The decline stems from EEOC efforts to resolve complaints before the commencement of legal proceedings by educating employers and reaching mutually agreeable settlements.
In addition to being mindful of on-the-job challenges, companies also need to be conscious of employee use of social media inside and outside of the workplace. Ensure that your company's employees follow smarter social media practices.
The decision whether to self-report violations of the UK's Bribery Act 2010 can be a difficult one, and the UK's Serious Fraud Office (SFO) is not making it any easier.
A jury recently awarded 15 firefighters $3.7 million in back pay and damages for age discrimination in their lawsuit against the city of San Francisco. The current and retired firefighters — all over the age of 40 — claimed that "irregular and/or questionable" issues with a written promotion test in 2008 hindered the promotion of older firefighters and favored younger ones.