Learn about the change to hardship distributions employers may consider adopting. New legislation did not change what might constitute an individual hardship, but it does make hardship withdrawals easier to obtain for participants.
READ THE ARTICLE
OSHA recently released a memo clarifying how to apply standards when conducting compliance investigations. The federal regulations are still in place and remain unchanged, but the memo raises some concerns about post-accident drug testing.
About three million workers service equipment and face the risk of injury if lockout/tagout is not properly implemented. According to OSHA, compliance with the LOTO standard prevents an estimated 120 fatalities and 50,000 injuries each year.
READ THE ARTICLE
The end of the individual mandate penalty in 2019 does not change an employer’s 1094C/1095C reporting obligations. The information reported on the 1094C/1095C forms relates primarily to the employer mandate, which is not going away.
This month's Threat Intelligence Report is about a large hotel chain that reports an “unauthorized access” to its customer database since 2014, exposing data of 500 million guests; a vulnerability in a postal service site that left 60 million customers exposed for more than a year; a third-party vendor breach that exposes data of millions of healthcare patients; a new report that profiles notorious MageCart cyber criminals; court documents that reveal first-ever indictment on ransomware charges; and a bundled pack that makes SamSam and other ransomware easier for hackers to obtain and deploy.
In this new Threat Intelligence report, we discuss some of the latest cyber risks, including Chinese involvement in U.S. hardware hacks; a study that reveals the ease at which criminals are using legitimate email credentials; a Canadian university that recovered $10.9 million in an $11.8 million fraud scheme; millions of voter registration records listed for sale ahead of the 2018 mid-term elections; companies impersonated by hackers in phishing schemes; and ransomware-as-a-service that is now offering exploit kits to users.
Regardless of your company’s size or mission, the legal costs associated with a D&O lawsuit can be crippling for both an organization and its leadership. To complicate matters, D&O liability can come from a variety of sources, and claims can arise without warning. While D&O insurance provides a last line of defense for organizations and their leadership teams, the best way to protect against D&O claims is to avoid them altogether. Understanding the main sources of D&O liability can go a long way in avoiding costly legal action.
Two recently discovered security flaws could allow hackers to bypass regular security measures and obtain normally inaccessible data. The flaws, referred to as Meltdown and Spectre, are both caused by design flaws found in nearly all modern processors. These vulnerabilities can be exploited to access all of the data found in personal computers, servers, cloud computing services and mobile devices.
The European Union’s new General Data Protection Regulation (GDPR) becomes effective on May 25, 2018. The European Union (EU) enacted these rules to create uniform data protection rules for all member states. In its view, a unified set of rules and standards would allow EU citizens more control over their personal information. The new rule will also have a global impact on any company that offers goods or services to EU residents or monitors their behavior (e.g., tracking their buying habits). The ruling will impact U.S. firms that collect, store or process EU customer data.
In a previous article, we discussed what consumers should do in the wake of the breach of data at Equifax. But what about its effects on businesses? Businesses have a significant responsibility to protect their customers’ personally identifiable information (PII). Failure to do so could lead to lawsuits, loss of trust, loss of revenue, and even loss of the business.
This year, there are a lot of scary statistics related to social engineering fraud. A 2017 Federal Bureau of Investigation (FBI) Public Service Announcement stated that between January 2015 and December 2016 there was a 2,370 percent increase in identified exposed losses by social engineering. Social engineering can be a very effective way for a criminal to steal your digital assets, and organizations should do everything they can to protect them.
Ransomware attacks increased by over 250% during the first few months of 2017, according to a recent report by the security firm Kaspersky. In its report, Kaspersky warned of a ransomware epidemic in the wake of the WannaCry cyberattack. More often than not employers do not realize they have become a victim until users start to complain about inability to access their documents and information.
Send a Message
Find a Location