Webinars
"Time Flies! Navigating Federal Banking Regulators' 36-Hour Security Incident Notification Rule," Davis Wright Tremaine Webinar
04.07.22
Under new rules issued by the Federal Reserve, FDIC, and OCC, banks and their service providers must provide notice of a "computer-security incident" within 36 hours. The rule goes into effect on April 1, 2022, with full compliance extended to May 1, 2022. DWT's privacy and security and banking and financial services practice groups discuss the new rules and strategies for compliance.
Topics:
- Entities covered by the new rules
- The definition of a "computer-security incident" and instances when applying the definition might be challenging
- Strategies for analyzing a potential computer-security incident and evaluating whether the notification obligation is triggered (i.e., is a "Notification Event")
- Specific notification requirements for service providers
- How the new rules compare to other breach and incident notification requirements
- Practical considerations for incident response plans and procedures
Speakers:
- Alexandra Barrage
- Michael Borgia
(On-demand versions are not eligible for CLE credit.)
Related Articles
2025
Feature
Financial Services
New Administration Outlook: Helping You Navigate Post-Election Uncertainty in 2025 and Beyond Read More External Link03.25.25
Publications
Artificial Intelligence
Co-author, "Privacy Law Issues for Developers and Deployers of Generative Artificial Intelligence," LexisNexis Read More External Link03.14.25
Webinars
Bank Regulatory
"Using AI and Other Modern Tech: Analyzing the FDIC Pause Letters," RegReform, Davis Wright Tremaine Webinar Read More