A Close Look at the Final Rule Requiring Notification of Ransomware and Similar Computer-Security Incidents Issued by the Office of the Comptroller of the Currency, Federal Reserve Board, and Federal Deposit Insurance Corporation
We discuss the new notification requirements that the final rule places on both U.S. banking organizations and bank service providers relating to ransomware and similar computer security incidents, including the mandated timing for providing notice, and how the final rule differs from the agencies’ proposal. We also look at the compliance challenges presented by the final rule and offer suggestions for covered entities to consider in preparing for compliance with the new requirements.
Chris Willis, Co-Chair of Ballard Spahr’s Consumer Financial Services Group, hosts the conversation, joined by Kim Phan and Phil Yannella, partners in the firm’s Privacy and Data Security Group.
Subscribe to Ballard Spahr Mailing Lists
Copyright © 2022 by Ballard Spahr LLP.
(No claim to original U.S. government material.)
All rights reserved. No part of this podcast may be reproduced, stored in a retrieval system, or transmitted in any form or by any means, including electronic, mechanical, photocopying, recording, or otherwise, without prior written permission of the author and publisher.
This podcast is a periodic publication of Ballard Spahr LLP and is intended to notify recipients of new developments in the law. It should not be construed as legal advice or legal opinion on any specific facts or circumstances. The contents are intended for general informational purposes only, and you are urged to consult your own attorney concerning your situation and specific legal questions you have.