Blog and Information Security - Information Management Today

category financial-privacy

Blog

Information Security

ISO 27001 and Physical Security

IT Governance

MAY 15, 2024

Physical access control, physical security monitoring, CCTV, and more When we hear the term ‘information security’ – or, for that matter, ‘ISO 27001’ – our thoughts usually turn straight to cyber security. However, physical security is also an important aspect of information and data security.

Security

Security Information Security Access Cloud

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

The results are in, and California voters have approved the California Privacy Rights Act (CPRA) which was listed on the ballot as Proposition 24. Consumers will also have opt-out rights relating to the use of their personal information in automated decision-making, including consumer profiling.

Privacy

Privacy B2B Sales Data breaches

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Trending Sources

How long do you have to report a data breach?

IT Governance

DECEMBER 13, 2018

This blog has been updated to reflect industry updates. This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. Most breaches fit into this category, but not all of them. Originally published 24 October 2018.

Data breaches

Data breaches GDPR Personal data Compliance

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

Guest Post - Three Critical Steps for GDPR Compliance

AIIM

JANUARY 17, 2018

This is the eighth post in a series on privacy by Andrew Pery. You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. Privacy by Design: The Intersection of Law and Technology. What Do the GDPR and new Privacy Laws Mean for U.S.

GDPR

GDPR Compliance Data collection Privacy

How long do you have to report a data breach?

IT Governance

OCTOBER 24, 2018

This is the deadline given to you under the EU GDPR (General Data Protection Regulation) to report information security incidents to your supervisory authority. This generally refers to the possibility of affected individuals facing economic or social damage, such as discrimination, reputational damage or financial losses.

Data breaches

Data breaches GDPR Compliance Personal data

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

Together, the new laws require the implementation of reasonable data security safeguards, expand breach reporting obligations for certain types of information, and require that a “consumer credit reporting agency” that suffers a data breach provide five years of identity theft prevention services for impacted residents.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

Data Matters

FEBRUARY 10, 2022

For example, SEC guidance from 2018 emphasizes that there is a range of factors that may affect whether an incident should be disclosed to investors beyond the bottom-line financial costs to respond to the incident. financial markets. 11 But the SEC declined to go that far when it adopted Reg SCI.

Cybersecurity

Cybersecurity Marketing Risk Compliance

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Data Matters

APRIL 6, 2022

5 Priorities include risks associated with firms’ use of emerging financial technologies and whether their compliance programs consider and address those risks; firms offerings new products and services or employing new practices (e.g., Both categories will be examined for compliance with the SEC Standards for Covered Clearing Agencies.

Retail

Retail Compliance Sales Risk

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

Data Matters

NOVEMBER 27, 2019

To secure SFC approval, the following summarized key requirements must be satisfied: 1) Key requirements where records are “exclusively” kept with EDSPs. Firms must assess the operational capabilities, technical expertise and financial soundness of the proposed vendor to ensure it is suitable and reliable to keep regulatory records. .

Cloud

Cloud Access Information Security Risk

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

We have shared below some interesting points that we’ve seen arising recently, all of which relate to how things are likely to develop from today onwards, including enforcement predictions, challenges related to operationalizing data subject access procedures, and how the GDPR may change the data privacy litigation landscape in Europe.

GDPR

GDPR Personal data Compliance Data breaches

Summary – “Industry in One: Financial Services”

ARMA International

NOVEMBER 7, 2019

The scope of a records and information management (RIM) program in financial services can seem overwhelming. Compared to other industries, the complexities of managing records and information in financial services are arguably some of the toughest to solve, primarily because of the intense regulatory scrutiny.

Financial Services

Financial Services Communications Compliance Risk

An Approach to Cybersecurity Risk Oversight for Corporate Directors

Data Matters

APRIL 23, 2018

Recent guidance from the Securities and Exchange Commission (SEC) on disclosure and enforcement actions by the Federal Trade Commission (FTC) make clear that cybersecurity is no longer a niche topic, but a concern significant enough to warrant the oversight of corporate boards of directors.

Cybersecurity

Cybersecurity Risk Passwords Authentication

FTC ANPR Explores Wide Ranging Topics for Privacy and Cybersecurity Rulemaking

Data Matters

AUGUST 25, 2022

This change opened the ability for the FTC to expand its oversight of privacy and cybersecurity issues. However, this ANPR makes clear that the FTC is interested in expanding its ability to protect consumers affected by such practices, including by expanding the FTC’s authority to seek financial penalties for first-time violations.

Privacy

Privacy Cybersecurity Data Privacy Data collection

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

KnowBe4

MARCH 14, 2023

The title said it all, and the news is that more than 4% of employees have put sensitive corporate data into the large language model, raising concerns that its popularity may result in massive leaks of proprietary information. link] [SCAM OF THE WEEK] Is ChatGPT Your Next Financial Advisor?

Phishing

Phishing Security Artificial Intelligence Security awareness

ISO 27001 and Physical Security

California Privacy Law Overhaul – Proposition 24 Passes

Webinars

Trending Sources

How long do you have to report a data breach?

Webinars

Guest Post - Three Critical Steps for GDPR Compliance

How long do you have to report a data breach?

New York Enacts Stricter Data Cybersecurity Laws

SEC Chair: Sweeping New Cybersecurity Rules Are Coming Soon

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Hong Kong Regulator Imposes New Conditions to Regulate Outsourcing Arrangements for Cloud Storage

GDPR is upon us: are you ready for what comes next?

Summary – “Industry in One: Financial Services”

An Approach to Cybersecurity Risk Oversight for Corporate Directors

FTC ANPR Explores Wide Ranging Topics for Privacy and Cybersecurity Rulemaking

CyberheistNews Vol 13 #11 [Heads Up] Employees Are Feeding Sensitive Biz Data to ChatGPT, Raising Security Fears

Stay Connected