Posts

Showing posts with the label Pillsbury Winthrop Shaw Pittman LLP

NYDFS Imposes $2M Penalty for Violations of its Cybersecurity Regulation

Consent order between New York state regulator and company highlights multi-factor authentication requirement and failure to timely report the Cyber Event. The New York State Department of Financial Services (NYDFS) announced on  August 14, 2025 , resolution of civil enforcement action requiring Healthplex, Inc., a licensed insurance agent and independent adjuster, to pay a $2 million civil penalty under a  consent order   for violations of the  NYDFS cybersecurity regulation  (23 NYCRR Part 500) . The NYDFS alleges in the consent order that a threat actor gained access to Healthplex’s information systems through a phishing attack on an employee’s email account, and that Healthplex’s cybersecurity program was not adequately calibrated to protect against, mitigate or respond to the incident. As a result, the threat actor gained access to the private health data and sensitive nonpublic information (NPI) of tens of thousands of consumers. The consent order states t...

Forthcoming Enterprise-Wide and Egregious Violations from California’s Division of Occupational Safety and Health

  California employers could soon face increased penalties for workplace safety violations that are “enterprise-wide” or “egregious.” On March 25, 2025, the California Department of Industrial Relations will hold an advisory committee meeting to solicit input on proposed amendments to Division of Occupational Safety and Health (Cal/OSHA) regulations regarding so-called “enterprise-wide” and “egregious” violations. The proposed regulatory amendments follow the signing of Senate Bill 606 (SB 606), which amended Labor Code sections 6317 and 6317.8 in 2021. The definitions of “enterprise-wide” and “egregious” violations will be added to Cal/OSHA’s existing regulatory framework for citation classification and penalty calculation. Because Labor Code sections 6317 and 6317.8 are similar to federal Occupational Safety and Health Administration (Fed OSHA) policies, the proposed amendments are also intended to ensure Cal/OSHA’s enforcement program is at least as effective as Fed OSHA’s progr...

Trump 2.0: A First Look at the Department of Government Efficiency

  Companies would be wise to take into consideration the potential outsized impact of DOGE as they develop public policy plans for the new administration. Takeaways DOGE is intended to serve as an advisory or consulting organization which, empowered by Trump, provides recommendations or strategies for government leaders to implement . DOGE’s mission will focus on three major kinds of reforms, including regulatory rescissions, administrative reductions and cost savings . According to DOGE leaders Elon Musk and Vivek Ramaswamy, the organization will identify issues and make recommendations to the White House, agency leaders and Congress for actio n. Since the election, President-elect Trump has announced a flurry of initiatives for his next term in the White House, along with nominations of the government officials tapped to drive his agenda. As part of these announcements, Trump selected Elon Musk and Vivek Ramaswamy to lead a new entity dubbed “the Department of Government Efficien...