Compliance Into the Weeds

Blackbaud – Failures in Cyber Breach Disclosures

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. In this episode, we discuss the consequences of insufficient disclosure regarding cybersecurity risks, as demonstrated in the recent Blackbaud SEC enforcement action. The SEC requires companies to proactively disclose material events, and the Delaware Court of Chancery is making it clear that senior executives are responsible for ensuring compliance with disclosure requirements. Tune in next week to hear more Compliance into the Weeds from Tom and Matt.

Key Highlights

· The cost of poor communication: $3 million lesson from Blackbaud’s FCC fine.

· Disclosure Controls and the Sarbanes Oxley Act

· The Consequences of Failing to Comply with the SEC and FCC Regulations on Reporting Data Breaches

· SEC Cracking Heads and What’s Next

Notable Quotes:

1. “Do words still matter? I think that they do.”

2. “I couldn’t think of at least 3 million reasons why that was a bad idea in hindsight, and maybe they should have been more forthcoming.”

3. “Oh, well, actually, you know, we missed the revenue target, but we forgot to tell the CFO people would be fired. You know, there would be heads stuck on the pikes. In front of the office lobby or something like that.”

4. “A compromise of our data security that results in customer or donor personal or payment card data being obtained by unauthorized persons could, and that’s the word. Could adversely affect our reputation with our customers and others.”

Resources

Matt on LinkedIn

Matt on Radical Compliance

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Life with GDPR

Update on Blackbaud


Jonathan Armstrong returns from assignment to take on a potpourri of issues with co-host Tom Fox. In this episode, we consider some of the issues from the Blackbaud data breach enforcement action. Some of the issues we consider include:

  1. Does this matter signal a priority in risk shifting by the regulators?
  2. Implications for class actions involving customers.
  3. Hardening of the insurance market regarding data breaches.
  4. More due diligence coming in the B2B arena.
  5. Steps your organization should take now.

Resources
Check out the Cordery Compliance client alert on this topic by clicking here. For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR compliance, by clicking here.