2017, Insurance and IT - Information Management Today

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

Turn the corner into 2019 and we find Citigroup, CapitalOne, Wells Fargo and HSBC Life Insurance among a host of firms hitting the crisis button after their customers’ records turned up on a database of some 24 million financial and banking documents found parked on an Internet-accessible server — without so much as password protection.

Risk

Risk Financial Services Insurance Cybersecurity

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

DLA Piper Privacy Matters

NOVEMBER 6, 2019

million against Deutsche Wohnen SE for infringements of the General Data Protection Regulation (GDPR). This alleged non-compliance with data protection rules has already been flagged by the Berlin DPA after an on-site audit in June 2017. Facts and legal evaluation by Berlin DPA.

GDPR

GDPR Personal data Archiving Compliance

German court: monitoring of employees by key logger is not allowed

Data Protection Report

AUGUST 8, 2017

The German federal labor court held in a recent decision ( Bundesarbeitsgericht , 27 July 2017 – case no. This decision is understood as a general guidance where the highest labor court gave guidance on secret employee monitoring. Subsequently, the firm installed key logger software on its employees’ computers.

Computer and Electronics

Computer and Electronics Insurance Privacy GDPR

Webinars

Improving the Accuracy of Generative AI Systems: A Structured Approach

MORE WEBINARS

Delaware amends data breach notification law

Data Protection Report

AUGUST 29, 2017

Mandatory reporting to the Attorney General if the number of affected residents exceeds 500. Norton Rose Fulbright has been shortlisted for ‘Cyber law firm of the year’ at the Insurance Insider Cyber Ranking Awards 2017.

Data breaches

Data breaches Insurance Encryption Passwords

What IG Professionals Should Know About the Internet of Bodies

ARMA International

FEBRUARY 21, 2020

A company in Wisconsin had a “chipping party” in 2017 to implant microchips in some of its employees to make it easier for them to access the buildings and systems and to buy food in the company break room. [1]. In the ingestibles category are Bluetooth electronic pills that monitor the inner workings of the human body.

Computer and Electronics

Computer and Electronics Privacy Artificial Intelligence IoT

“But the emails” – companies’ SEC filings reflect ransomware risks

Data Protection Report

SEPTEMBER 11, 2017

General ransomware risk disclosures. In one example of a post-attack disclosure, FedEx’s most recent 10-K (May 2017) discusses the impact of the WannaCry and Petya attacks on FedEx systems and subsidiaries. Still, in what for the moment might seem like a more pedestrian risk, companies continue to be affected by ransomware.

Risk

Risk Ransomware Insurance Data breaches

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

Hunton Privacy

JULY 11, 2017

On July 10, 2017, the Cyberspace Administration of China published a new draft of its Regulations on Protecting the Security of Key Information Infrastructure (the “Draft Regulations”), and invited comment from the general public. The Draft Regulations will remain open for comment through August 10, 2017.

Energy and Utilities

Energy and Utilities Security Cybersecurity Manufacturing

Italy: Privacy law integrating the GDPR adopted, what to do?

DLA Piper Privacy Matters

MAY 14, 2018

The Italian Board of Ministers issued the final text of the legislative decree integrating the EU General Data Protection Regulation. The Italian budget law of 2017 had introduced a system of notification/authoritization for data processing activities performed by automated means and based on legitimate interest.

GDPR

GDPR Privacy Systems administration Compliance

UK data protection after Brexit – UK government Statement of Intent contains few surprises

Data Protection Report

AUGUST 16, 2017

On the 7 th August 2017, the UK’s Government Department for Digital, Culture, Media and Sport issued a Statement of Intent (the Statement ) outlining its planned reforms of the UK’s data protection laws which are to be implemented by the Data Protection Bill (the Bill ).

Government

Government GDPR Personal data Insurance

2018 eDiscovery Case Law Year in Review, Part 4

eDiscovery Daily

JANUARY 9, 2019

Today, let’s take a look back at cases related to the number one category for 2018 (drum roll, please!), Mazzant granted the plaintiff’s motion to compel in part, ordering the defendants to produce documents related to four specific categories, but within certain parameters. disputes regarding proportionality vs. relevancy vs. privacy!

e-Discovery

e-Discovery Metadata Insurance Privacy

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

The CNIL decided that the “general information architecture” chosen by the company did not fulfil Google’s transparency and information obligations, as there was a lack of clarity and intelligibility. More details in this blog post. The same rule applies to the enforcement of each piece of legislation. Enforcement Actions.

GDPR

GDPR Personal data Privacy Information architecture

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

Furthermore, although entities that already comply with the breach notification requirements under certain state or federal laws (such as the Health Insurance Portability and Accountability Act (HIPAA), the New York Department of Financial Services cybersecurity regulations (23 N.Y.C.R.R.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

FRANCE: CNIL adopts new single authorization on fraud prevention systems

DLA Piper Privacy Matters

SEPTEMBER 29, 2017

AU-054 (the “AU-054”) on July 13, 2017 in order to cover the processing of personal data implemented in relation to these fraud prevention/detection systems. Only certain categories of entities in the banking and financial sector are eligible to self-certify under the AU-054. Parent companies of financing companies.

Personal data

Personal data Financial Services Risk Insurance

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

This guide will provide a high level overview of encryption and how it fits into IT through the following topics: How Encryption Works To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security.

Encryption

Encryption IT Passwords IoT

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. The CCPA goes into effect January 1, 2020. CCPA Background.

Privacy

Privacy Sales Compliance Government

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. The CCPA goes into effect January 1, 2020. CCPA Background.

Privacy

Privacy Sales Education Compliance

Join Our Webinar on November 16th: IGI & Preservica Address the Governance of Long-Term Digital Information

IGI

NOVEMBER 10, 2017

Before joining Preservica in May 2017, I advised more than 40 public and private sector organizations on good recordkeeping practices as an independent consultant, and learned firsthand about their wide-ranging retention requirements. I’d like to highlight challenges with two specific stakeholder groups, namely IT and executive leadership.

Digital preservation

Digital preservation Government Digital transformation Access

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. For many readers of this post, a huge amount of work will have been done in recent months in building up to compliance with the new regime. Challenge #2.

GDPR

GDPR Personal data Compliance Data breaches

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

Thus, common tools and techniques are risk matrices, risk registers, risk logs, risk breakdown structures, risk categories, Monte Carlo simulations, and sensitivity analyses. This includes defining the product scope of the DT journey and the digital products and services that will deliver transformative change for a new future.

Digital transformation

Digital transformation Risk IT Computer and Electronics

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

In our manifesto at the general election we committed to provide people with the ability to require major social media platforms to delete information held about them, especially when that information related to their childhood. New technologies have started innumerable economic revolutions, and the pace of change continues to accelerate.

GDPR

GDPR Personal data Government IT

2019 eDiscovery Case Law Year in Review, Part 3

eDiscovery Daily

JANUARY 8, 2020

DiGiusti granted the “Children” defendants’ Motion to Compel against non-party City of Oklahoma City Police Department (“OCPD”) to comply with the Children’s subpoena of records related to the murder of their father in a civil case with the insurance company. 2017: Part 1 , Part 2 , Part 3 , Part 4. Hospital Partners, Inc. Stay tuned!

e-Discovery

e-Discovery Privacy Computer and Electronics Insurance

Information Management Today

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

Webinars

Trending Sources

German court: monitoring of employees by key logger is not allowed

Webinars

Delaware amends data breach notification law

What IG Professionals Should Know About the Internet of Bodies

“But the emails” – companies’ SEC filings reflect ransomware risks

China Publishes Draft Regulations on Protecting the Security of Key Information Infrastructure

Italy: Privacy law integrating the GDPR adopted, what to do?

UK data protection after Brexit – UK government Statement of Intent contains few surprises

2018 eDiscovery Case Law Year in Review, Part 4

GDPR – The Year in Review

New York Enacts Stricter Data Cybersecurity Laws

FRANCE: CNIL adopts new single authorization on fraud prevention systems

What Is Encryption? Definition, How it Works, & Examples

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Join Our Webinar on November 16th: IGI & Preservica Address the Governance of Long-Term Digital Information

GDPR is upon us: are you ready for what comes next?

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

The debate on the Data Protection Bill in the House of Lords

2019 eDiscovery Case Law Year in Review, Part 3

Stay Connected