Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Any cybersecurity event that affects a third-party service provider that also affects the covered entity. Multifactor Authentication.

Financial Services 55

Financial Services Cybersecurity Ransomware Compliance 55

Data Matters

SEPTEMBER 6, 2022

Privacy never sleeps in California. In recent days and as California’s legislative session comes to a close, there have been a number of significant legislative and regulatory developments in the state, each of which will likely (again) change the privacy landscape in California and, by extension, the rest of the country.

Privacy 197

Privacy B2B Sales Compliance 197

Thales Cloud Protection & Licensing

MARCH 14, 2024

Keeping Customer Data Safe: AI's Privacy Paradox andrew.gertz@t… Thu, 03/14/2024 - 17:38 AI's appeal lies in its ability to personalize and streamline customer experiences in ways previously unimaginable. However, AI has emerged as a focal point in technology policy discussions , intertwining with ongoing debates on data privacy.

Privacy 71

Privacy Data Privacy Analytics Risk 71

IT Governance

NOVEMBER 13, 2023

Records breached: None Butler County reports personal information breach Date of breach: 8 November 2023 Breached organisation: Butler County Incident details: The Butler County Commissioners Office has announced that personal data was compromised in October when an unauthorised third party accessed its network. Records breached: 1.3

Data Privacy 85

Data Privacy Privacy Security Data breaches 85

Data Protection Report

JANUARY 30, 2023

Late December and early January tend to be a busy time for everyone, so you may have missed a privacy update or two during that time. Colorado’s privacy law does not have any “data localization” or “international data transfer” requirements. Answers are below. Processing purposes. The list appears in proposed rule 6.04.A. 8. b.

Privacy 115

Privacy Cybersecurity Personal data Insurance 115

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

Data Matters

JANUARY 20, 2021

Office of the Comptroller of the Currency (OCC) issued its controversial final rule (Rule) 1 to establish a new requirement for covered banks to provide “fair access” to financial services to both natural persons and legal entities.

Access 68

Access Financial Services Marketing Risk 68

IT Governance

DECEMBER 11, 2023

Researchers from the German cyber security company Aplite discovered 3,806 servers from 111 countries accessible on the Internet. In his keynote address, he said: “Privacy and AI go hand in hand – there is no either/or here. In his keynote address, he said: “Privacy and AI go hand in hand – there is no either/or here.

Data Privacy 101

Data Privacy Energy and Utilities Privacy Manufacturing 101

IT Governance

APRIL 29, 2024

million to settle a complaint alleging that the home security camera company Ring “allowed employees and contractors to access consumers’ private videos and failed to implement security protections, enabling hackers to take control of consumers’ accounts, cameras, and videos”. iSharing is used by more than 35 million users.

Data Privacy 94

Data Privacy Privacy Manufacturing Security 94

Hunton Privacy

NOVEMBER 1, 2022

The Report discusses the need to adapt existing policy frameworks to account for the change brought about by DeFi to the underlying information structure upon which financial services are provided. Rather, the majority of risks are continuously being addressed through solutions produced within the DeFi ecosystem itself.

Financial Services 115

Financial Services Blockchain Risk Marketing 115

Hunton Privacy

APRIL 22, 2020

On April 13, 2020, the New York Department of Financial Services (“NYDFS”) issued guidance (“April guidance”) to all New York State entities covered under NYDFS’s cybersecurity regulation regarding assessing and addressing heightened cybersecurity risks due to the COVID-19 pandemic.

Financial Services 71

Financial Services Cybersecurity Phishing Risk 71

Hunton Privacy

AUGUST 15, 2022

On July 29, 2022, the New York Department of Financial Services (“NYDFS”) posted proposed amendments (“Proposed Amendments”) to its Cybersecurity Requirements for Financial Services Companies (“Cybersecurity Regulations”). As part of the “access privileges” requirements under Section 500.7

Financial Services 55

Financial Services Cybersecurity Risk Passwords 55

Data Matters

JUNE 5, 2018

Section 301 gives consumers a new federal right to request a “freeze” of their credit files, prohibiting access to those files by new creditors. The post President Trump Signs Financial Services Regulatory Reform Legislation appeared first on Data Matters Privacy Blog.

Financial Services 68

Financial Services Insurance Privacy Authentication 68

Data Matters

AUGUST 17, 2021

On August 11, 2021, the Federal Financial Institutions Examination Council (FFIEC)1 issued guidance establishing risk management principles and practices to support the authentication of users accessing a financial institution’s information systems and customers accessing a financial institution’s digital banking services (the Guidance).

Authentication 88

Authentication Access Risk Financial Services 88

Data Matters

MARCH 28, 2022

OCR’s reminders and recommendations for regulated entities include to: assess and reduce risks and vulnerabilities to the availability of ePHI, which is defined as “the property that data or information is accessible and useable upon demand by an authorized person” pursuant to the HIPAA Security Rule. 45 CFR 164.308(a)(5)(i).

Cybersecurity 88

Cybersecurity Privacy Insurance Risk 88

Schneier on Security

JANUARY 31, 2024

By separating which companies see what parts of our data, and in what contexts, we can gain control over data about ourselves (improving privacy) and harden cloud infrastructure against hacks (improving security). The best way for financial services firms to meet the CFPB’s rules would be to apply the decoupling principle broadly.

Financial Services 99

Financial Services Privacy Personal data Marketing 99

The Last Watchdog

FEBRUARY 25, 2019

Related: Applying ‘zero trust’ to managed security services. So why hasn’t the corporate sector been more effective at locking down access for users? Here are takeaways from our fascinating discussion: Access pain points. It’s not for lack of trying. Efforts to balance security and productivity sometimes backfired.

Access 169

Access Government Authentication Data breaches 169

The Last Watchdog

JULY 11, 2023

Related: Preserving the privacy of the elderly As more traders and investors engage in these investment avenues, it is crucial to adopt robust security measures to safeguard sensitive and regulated information. When it comes to alternative asset trading, protecting investor data is of critical importance. Foster collaborative partnerships.

IT 189

IT Encryption Risk Financial Services 189

Data Protection Report

MARCH 7, 2024

A medical facility in the United States contracts with a company headquartered in a country of concern to provide IT-related services. The IT services provided under the contract involve access to the medical facility’s systems containing the bulk personal health data. Will there be some exempt financial transactions?

Access 59

Access Military Compliance Personal data 59

DLA Piper Privacy Matters

JULY 22, 2021

As individuals become more aware of their rights under data protection law, data subject access requests ( DSARs ) are an increasingly frequent concern for organisations both large and small. This allows for restrictions on the right of access: “ where the restrictions are necessary and proportionate ….

Access 119

Access Personal data GDPR Financial Services 119

Data Protection Report

JUNE 14, 2022

As privacy incidents and security breaches involving personal information become increasingly frequent, organizations are more and more aware of the importance of implementing a robust privacy program to mitigate the risks and impacts of such incidents. Legal Obligations. Procedural Considerations.

Privacy 52

Privacy Data breaches Compliance Financial Services 52

The Last Watchdog

DECEMBER 6, 2022

Widely adopted from healthcare to law enforcement, it can deliver secure, accurate authentication even when the user is wearing a mask; it prevents unauthorized access that can now be done by compromising devices we use as a second factor of authentication. This is because it relies on biometric features that can’t be shared.

Authentication 203

Authentication Passwords Artificial Intelligence Financial Services 203

Data Matters

JANUARY 28, 2022

Other government agencies, like the New York Department of Financial Services and the Federal Trade Commission, are also increasingly focused on the need for broad implementation of MFA. The agencies recommend that all users, without exception, must be authenticated with MFA for remote access to internal networks. The post U.S.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

Hunton Privacy

MARCH 8, 2019

On March 5, 2019, the Federal Trade Commission announced that it is seeking comment on proposed changes to the FTC’s Safeguards Rule and Privacy Rule under the Gramm-Leach-Bliley Act (“GLB”). The proposed changes would add more detailed requirements on how financial institutions must protect customer information.

Privacy 55

Privacy Insurance Financial Services Encryption 55

The Last Watchdog

AUGUST 3, 2023

This marks a monumental leap forward in secure financial and healthcare data analytics, enabling encrypted data to be safely analyzed and visualized for the first time, all while maintaining absolute data privacy and security. You can schedule a meeting to meet with our team at [link].

Encryption 100

Encryption Analytics Data Privacy Cybersecurity 100

IT Governance

JANUARY 16, 2024

noyb accuses Meta of unlawfully ignoring users’ right to easily withdraw consent The privacy rights group noyb has accused Meta’s “pay or okay” system, which requires users to pay a “privacy fee” to avoid being tracked, of violating the GDPR’s requirements relating to the withdrawal of consent.

Data Privacy 52

Data Privacy Privacy Manufacturing Retail 52

IBM Big Data Hub

JANUARY 12, 2024

The advantages of AI are numerous and impactful, from predictive analytics that refine strategies, to natural language processing that fuels customer interactions and assists users in their daily tasks, to assistive tools that enhance accessibility, communication and independence for people with disabilities.

Cloud 95

Cloud Data Privacy Encryption Privacy 95

Thales Cloud Protection & Licensing

JANUARY 11, 2023

Businesses across the globe are accelerating the shift to the cloud in a modern digital world where hybrid workforces are accessing data from anywhere. Security & Compliance for SAP Data in Financial Services. SAP and Thales have worked together to solve these challenges for financial services customers.

Compliance 83

Compliance Cloud Security Financial Services 83

Data Protection Report

JANUARY 6, 2020

The Court of Justice of the European Union (CJEU) will determine the validity of the EU Standard Contractual Clauses (SCCs) ( Data Protection Commissioner v Facebook Ireland Limited, Maximillan Schrems ) whilst the General Court of the EU will consider the future of Privacy Shield (La Quadrature du Net v Commission). In the U.S.,

Privacy 85

Privacy GDPR Data breaches Risk 85

IBM Big Data Hub

FEBRUARY 22, 2024

We strongly believe the influx of data associated with AI will fuel tremendous business innovations, but requires strategic considerations, including around where data resides, data privacy, resilience, operational controls, regulatory requirements and compliance, and certifications.

Cloud 74

Cloud Computer and Electronics Compliance Financial Services 74

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR.

Data Privacy 111

Data Privacy Privacy Compliance Analytics 111

Data Matters

MARCH 12, 2019

Over the last few years, States have enacted increasingly aggressive legislation concerning data privacy and security, raising concerns that companies will be subject to a patchwork of different standards.

Privacy 68

Privacy IT Information Security Insurance 68

Krebs on Security

JUNE 18, 2021

Aside from its core business competency — checking to make sure the property at issue in any real estate transaction is unencumbered by any liens or other legal claims against it — First American basically has one job: Protect the privacy and security of all these documents. “That’s a high-risk vulnerability.

Insurance 288

Insurance Risk Financial Services Mining 288

Data Protection Report

DECEMBER 23, 2019

This blogpost summarises our recent webinar: “ An urgent message from Berlin: The importance of record retention in privacy and cybersecurity ”. The authority claimed a violation of data minimisation and privacy by design principles under the EU General Data Protection Regulation (GDPR). . Why should this be a high priority project?

Privacy 144

Privacy Compliance Personal data Risk 144

IBM Big Data Hub

FEBRUARY 5, 2024

The Digital Operational Resilience Act (DORA) marks a significant milestone in the European Union’s (EU) efforts to bolster the operational resilience of the financial sector in the digital age. Ensuring end-to-end Protection To achieve total data privacy assurance, a key component is confidential computing and cryptography.

Encryption 68

Encryption Data Privacy Compliance Cloud 68

HL Chronicle of Data Protection

OCTOBER 25, 2019

Privacy Shield. continues to provide an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the U.S. The EU-US Privacy Shield is reviewed on a yearly basis, to assess that it continues to ensure an adequate level of protection of personal data. Background.

Privacy 40

Privacy IT Personal data Financial Services 40

Data Matters

DECEMBER 27, 2018

With the midterm election out of the way, legislators on Capitol Hill and in state capitols are getting ready to consider the future of data privacy regulation in 2019 and consumer and industry groups continue to weigh in on the ongoing debate. The debate has begun to move from principles and frameworks to drafting of legislative language.

Privacy 68

Privacy Data Privacy Personal data Data breaches 68