12 June 2009 - Mayer Brown LLP, a leading global law firm, announced today that 124 of its attorneys are ranked in the 2009 edition of Chambers USA: America’s Leading Lawyers for Business, including 32 who achieved top-band ranking or higher in 26 national and/or state categories.
12 March 2009 - The American Recovery & Reinvestment Act of 2009 (ARRA), signed into law on February 17, 2009, includes significant changes to the Health Insurance Portability and Accountability Act of 1996 (HIPAA). More specifically, Title XIII of ARRA, known as the Health Information Technology for Economic and Clinical Health (HITECH) Act, greatly expands the HIPAA obligations of “Covered Entities” and “Business Associates.”
There is no specific law on data protection for the private sector in Thailand at present. The data protection under the Official Information Act B.E. 2540 applies only to information or data in the possession of the government authorities.
8 April 2008 - The Securities and Exchange Commission (SEC) is proposing to amend Regulation S-P to require broker-dealers, investment companies, registered investment advisers and registered transfer agents to adopt comprehensive information security programs.
Privacy compliance and security standards are rapidly changing. It may be time to update your existing sourcing agreements and favorite forms to ensure that you are covered. Here are five quick adjustments to consider making to your sourcing agreements.
Hong Kong, London and Chicago, 28 January, 2008 - JSM (formerly known as Johnson Stokes & Master), one of the largest law firms in Asia, and Mayer Brown, a leading global law firm, today completed the combination that was announced 21 December, 2007.
May 2007 - Outsourcing raises a number of cross-border legal issues that are increasingly receiving attention from both consumer groups and governments. One of the hottest issues concerns the relationship between outsourcing and international privacy laws and the increasing burdens placed on outsourcing customers and suppliers to protect information.
May 2007 - Compliance with Law in Hedge Fund Outsourcings Hedge funds face a complex set of legal and quasi-legal requirements that have significant impact on their operations, despite the conventional wisdom that they operate in a relatively "unregulated" environment. These requirements must be addressed with care in outsourcing contracts in order to properly allocate compliance responsibilities between service providers and the funds.
May 2007 - The coming into force of the EU Market in Financial Instruments Directive (MiFID) on November 1, 2007, will have implications for firms operating in the financial services sector throughout Europe. This article outlines the implications for firms operating in the financial services sector in the UK.
July 2005 - The EU Data Protection Legislation regulates the basis upon which personal data can be transferred from a data controller in the European Economic Area ("EEA") to a data controller or a data processor located outside the EEA. Personal data can only be transferred by a data controller within the EEA to a person located outside the EEA if the requirements of the EU Data Protection Legislation are met.
July 2005 - The matter of allocating responsibility for the identification, interpretation and application of laws is of great importance in any outsourcing arrangement. This is true whether the outsourcing involves information technology or business process. This allocation of responsibilities with respect to compliance with laws affects the manner in which the supplier provides and the customer receives and uses the outsourcing services.
Alternative Model Terms for the Transfer of Personal Data from a Data Controller located in the European Economic Area to a Data Controller located outside the European Economic Area
October 2004 - California has taken a leading role in directing national policy on database protection by enacting the Database Breach Notification Act (SB 1386). This Act has implications for outsourcing customers and providers. The Act seeks to protect consumers and employees from identity theft by requiring businesses to notify them if their personal information has been compromised.
October 2004 - California has been extremely busy in the privacy area recently. Among other developments a new California law now mandates privacy policy notices on websites.
October 2004 - Data Protection law in the European Economic area is principally based on EU directive 95/46 ("the Directive") which is incorporated into the national legislation of the 25 member states of the EU and Norway, Iceland, and Lichtenstein, members of the European Economic area. One aspect of the Directive is to impose a level of control on the circumstances in which a business operating in an EEA member state can transfer personal data outside the EEA.
March, 2004 - On December4, 2003, President George W. Bush signed the Fair and Accurate Credit Transaction Act of 2003 (the "FACT Act" or the "Act") which amends the Fair Credit Reporting Act (the "FCRA"). The changes are wide ranging and intended to, among other things, prevent identity theft, improve the use of and consumer access to consumer reports, enhance the accuracy of consumer reports, limit the sharing of certain consumer information, ensure the preemption of state laws in certain critical areas, and improve financial education and literacy.
March 2004 - The Act is a federal law that sets out ground rules for commercial e-mail messages sent to recipients in the United States. These rules attempt to reduce the flow of unwanted e-mail by making the senders of the such e-mail messages.
March 2004 - The UK Court of Appeals issued judgment in December 2003 in the cases of Durant v. Financial Services Authority. The judgment provides important guidance on the meaning of "personal data" under the UK Data Protection Act 1998 ("DPA"), which implements the EU Data Protection Directive 96/46/EC, and provides guidance on responding to requests for access to information and documents under the subject access provisions of the DPA.
It is now a little over 7 1/2 years since the adoption of the EU Data Protection Directive, and teh European Commission has recently published its first report on teh Directive's implemenation in the EU Member State.
July 2003 - New Federal regulations, called "HIPAA regulations" after the statute that requires them, now govern the privacy of personal health information in the United States. These regulations affect companies and service providers (including outsourcers) both inside and outside the health care industry. Any company that provides services to the health industry or that provides health benefits for its employees will need to be aware of, and comply with, new requirements imposed by the HIPAA regulations.
Mayer Brown is a global legal services organization comprising legal
practices that are separate entities (the "Mayer Brown Practices"). The
Mayer Brown Practices are: Mayer Brown LLP, a limited liability
partnership established in the United States; Mayer Brown International
LLP, a limited liability partnership incorporated in England and Wales;
and JSM, a Hong Kong partnership, and its associated entities in Asia. The
Mayer Brown Practices are known as Mayer Brown JSM in Asia. "Mayer Brown"
and the "Mayer Brown" logo are the trademarks of the individual Mayer
Brown Practices in their respective jurisdictions.
