We discuss the new notification requirements that the final rule places on both U.S. banking organizations and bank service providers relating to ransomware and similar computer security incidents, including the mandated timing for providing notice, and how the final rule differs from the agencies’ proposal. We also look at the compliance challenges presented by the final rule and offer suggestions for covered entities to consider in preparing for compliance with the new requirements.
Chris Willis, Co-Chair of Ballard Spahr’s Consumer Financial Services Group, hosts the conversation, joined by Kim Phan and Phil Yannella, partners in the firm’s Privacy and Data Security Group.
Click here to listen to the podcast.