Compliance, Examples and Insurance - Information Management Today

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. See the Top Governance, Risk and Compliance (GRC) Tools.

Data Privacy

Data Privacy Compliance Privacy Security

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Armstrong Archives

DECEMBER 19, 2023

Whether it’s maintaining regulatory compliance or simply making tax season easier, an effective record retention strategy is paramount. First, identify the types of records your business generates and categorize them (e.g., Each category will have different legal and operational retention requirements.

Compliance

Compliance Archiving Digital transformation Sales

What Is Integrated Risk Management? Definition & Implementation

eSecurity Planet

APRIL 29, 2024

For example, a clothing brand might select a business objective such as to develop unique and appealing designs. In the examples above, the clothing brand will use traditional and computer-aided design prototyping and marketing research. What objectives deliver maximum value to shareholders?

Risk

Risk Compliance Communications Insurance

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance

Insurance GDPR Compliance Data collection

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

Three Critical Steps for GDPR Compliance. GDPR Compliance Starts with Data Discovery. The EU General Data Protection Regulation is a game changer , particularly enforcement of obligations to safeguard privacy rights. This is the 11th post in a series on privacy by Andrew Pery. The Privacy and Security Dichotomy.

GDPR

GDPR Compliance Privacy Data Privacy

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

With the growing patchwork of state data privacy laws continuing to pose challenges for compliance—and the potential for federal data privacy legislation at the forefront of policy debates—the UPDPA may provide state legislators with a path toward a standardized statutory scheme.

Data breaches

Data breaches Privacy Personal data Data Privacy

Regulatory Update: NAIC Summer 2022 National Meeting

Data Matters

SEPTEMBER 7, 2022

The National Association of Insurance Commissioners (NAIC) held its Summer 2022 National Meeting (Summer Meeting) August 9–13, 2022. The Privacy Working Group has been reviewing state insurance privacy protections regarding the collection, ownership, use, and disclosure of information gathered in connection with insurance transactions.

Insurance

Insurance Paper Privacy Risk

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

Data Matters

APRIL 10, 2020

On March 11, 2020, the California Attorney General (“AG”) released the third turn of proposed California Consumer Privacy Act (“CCPA”) regulations. Language from an earlier draft that prompted widespread use of granular charts to repeatedly reiterate information per category of personal information has not made a reappearance.

Privacy

Privacy Sales Insurance Compliance

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

These records are typically organized by grouping them by function or department and then described as either an individual record or grouped together into a record category. Countries and organizations within the European Union (EU), must comply with the requirements of the General Data Protection Regulation (GDPR) 1.

Personal data

Personal data GDPR Privacy Records Management

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

DLA Piper Privacy Matters

NOVEMBER 6, 2019

million against Deutsche Wohnen SE for infringements of the General Data Protection Regulation (GDPR). This alleged non-compliance with data protection rules has already been flagged by the Berlin DPA after an on-site audit in June 2017. Facts and legal evaluation by Berlin DPA.

GDPR

GDPR Personal data Archiving Compliance

What Is Encryption? Definition, How it Works, & Examples

eSecurity Planet

DECEMBER 7, 2023

This guide will provide a high level overview of encryption and how it fits into IT through the following topics: How Encryption Works To understand how encryption works, we need to understand how it fits into the broader realm of cryptology, how it processes data, common categories, top algorithms, and how encryption fits into IT security.

Encryption

Encryption IT Passwords IoT

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

International businesses with global privacy compliance programs should seek to expand those to cover the UAE and achieve some synergies. While the PDPL will not be effective immediately, we recommend that businesses take compliance steps as soon as possible. The form and use of consents should be considered carefully.

Personal data

Personal data Data breaches GDPR Compliance

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Data Matters

OCTOBER 22, 2019

Businesses, consumer advocates, and privacy watchers thus have been eagerly waiting for over a year for the Attorney General to propose the regulations the CCPA requires him to promulgate. As laid out below, the nature and breadth of the Attorney General’s proposed regulations explain why they took so long to produce.

Privacy

Privacy Sales Paper Compliance

OCR Issues Bulletin on the Sharing and Security of PHI During Coronavirus Pandemic

Hunton Privacy

MARCH 24, 2020

Department of Health and Human Services (“HHS”) issued a Bulletin on sharing and protecting patients’ protected health information (“PHI”) in compliance with the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) during the COVID-19 national emergency. The Office for Civil Rights (“OCR”) at the U.S.

Security

Security Privacy Insurance Compliance

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

According to the bill’s author, it was consciously designed to emulate the new European General Data Protection Regulation (GDPR) that went into effect on May 25, and if and when it goes into effect, it would constitute the broadest privacy law in the United States. Specific categories defined as personal information include.

GDPR

GDPR Privacy Sales Data breaches

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

Furthermore, although entities that already comply with the breach notification requirements under certain state or federal laws (such as the Health Insurance Portability and Accountability Act (HIPAA), the New York Department of Financial Services cybersecurity regulations (23 N.Y.C.R.R. codified at N.Y.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

“But the emails” – companies’ SEC filings reflect ransomware risks

Data Protection Report

SEPTEMBER 11, 2017

General ransomware risk disclosures. In one example of a post-attack disclosure, FedEx’s most recent 10-K (May 2017) discusses the impact of the WannaCry and Petya attacks on FedEx systems and subsidiaries. We are honored to be included as a nominee, and believe that it reflects our leading experience within the cyber insurance sector.

Risk

Risk Ransomware Insurance Data breaches

New Nevada Privacy Law With “Sale” Opt-Out Right Will Take Effect Before the CCPA

HL Chronicle of Data Protection

JUNE 3, 2019

Companies affected by SB-220 that are also considering the implementation of CCPA-compliance strategies to all of their US operations may no longer have until the end of the calendar year to finalize those programs. The Nevada Attorney General is charged with enforcing the newly revised law. Existing Notice Requirements. Enforcement.

Sales

Sales Privacy Insurance Manufacturing

UK data protection after Brexit – UK government Statement of Intent contains few surprises

Data Protection Report

AUGUST 16, 2017

The Statement anticipates the UK’s departure from the EU and makes it clear that following this, the Bill will transpose the General Data Protection Regulation (the GDPR ) into domestic law, stressing the importance of continued efficiency of data flow between the UK and the EU in a post-Brexit world.

Government

Government GDPR Personal data Insurance

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. CCPA Background. 17-0039). Right of Disclosure. Right of Deletion.

Privacy

Privacy Sales Compliance Cybersecurity

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. For many readers of this post, a huge amount of work will have been done in recent months in building up to compliance with the new regime. What do we expect in terms of enforcement priorities?

GDPR

GDPR Personal data Compliance Data breaches

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

Approximately at the same time as the Executive Order that we described in Part 1 was issued, the Attorney General (AG) unofficially released 90 pages of Advanced Notice of Proposed Rulemaking (ANPRM), which will become official once published in the Federal Register. What is included in the special category of “government related data”?

Access

Access Military Compliance Personal data

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

In the aftermath of the Cambridge Analytica scandal, and in the footsteps of Europe’s General Data Protection Regulation (“GDPR”), California privacy advocates introduced a ballot initiative on October 12, 2017 called “The Consumer Right to Privacy Act of 2018” (No. CCPA Background. 17-0039). Right of Disclosure. Right of Deletion.

Privacy

Privacy Sales Education Compliance

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

DLA Piper Privacy Matters

FEBRUARY 7, 2019

Looking at each in turn: Under GDPR, a series of obligations are automatically placed on the Controller, including the general principles relating to processing (such as to do so lawfully, fairly and in a transparent manner) under Article 5 and the conditions for obtaining consent under Article 7.

GDPR

GDPR Risk Data breaches Personal data

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

For example, where cookies are used to collect information which constitutes personal data, while Article 6 GDPR provides several different lawful grounds for processing, Article 5(3) ePD requires consent to be obtained from individuals before cookies are placed on their devices. More details in this blog post. More details in this blog post.

GDPR

GDPR Personal data Privacy Information architecture

A Guide to CCPA Compliance and How the California Consumer Privacy Act Compares to GDPR

erwin

APRIL 18, 2019

California Consumer Privacy Act (CCPA) compliance shares many of the same requirements in the European Unions’ General Data Protection Regulation (GDPR). Data governance , thankfully, provides a framework for compliance with either or both – in addition to other regulatory mandates your organization may be subject to.

GDPR

GDPR Compliance Privacy Personal data

Regulatory Update: NAIC Fall 2019 National Meeting

Data Matters

DECEMBER 20, 2019

The National Association of Insurance Commissioners (the NAIC) held its Fall 2019 National Meeting (Fall Meeting) in Austin, Texas, from December 7 to 10, 2019. NAIC Advances Accreditation Standard Process for Revised Credit for Reinsurance Model Law and Regulation, and Term and Universal Life Insurance Reserve Financing Model Regulation.

Insurance

Insurance Risk Artificial Intelligence Privacy

Regulatory Update: NAIC Fall 2019 National Meeting

Data Matters

DECEMBER 20, 2019

The National Association of Insurance Commissioners (the NAIC) held its Fall 2019 National Meeting (Fall Meeting) in Austin, Texas, from December 7 to 10, 2019. NAIC Advances Accreditation Standard Process for Revised Credit for Reinsurance Model Law and Regulation, and Term and Universal Life Insurance Reserve Financing Model Regulation.

Insurance

Insurance Risk Artificial Intelligence Privacy

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

Data Matters

OCTOBER 23, 2019

Businesses, consumer advocates, and privacy watchers have thus been eagerly waiting for over a year for the Attorney General to propose the regulations the CCPA requires him to promulgate. As laid out below, the nature and breadth of the Attorney General’s proposed regulations explain why they took so long to produce.

Sales

Sales Privacy Passwords Compliance

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Next-generation firewalls (NGFWs): Improve the general security of a firewall with advanced packet analysis capabilities to block malware and known-malicious sites. Cloud infrastructure entitlement management (CIEM): Manages compliance, risk, and security with controlled user, system, and app cloud resource access.

Security

Security Cloud Cybersecurity Risk

Mic Drop: California AG releases long-awaited CCPA Rulemaking

Data Protection Report

OCTOBER 11, 2019

On October 10, 2019, with just weeks to go until the law goes into effect, the California Attorney General released the long-awaited draft regulations for the California Consumer Privacy Act (CCPA). The Attorney General will hold public hearings in four California cities during the first week of December to hear comments. 999.305(d)).

Sales

Sales Retail Privacy Access

SEC Updates Guidance On Cybersecurity Risk And Incident Disclosure Requirements

Privacy and Cybersecurity Law

MARCH 26, 2018

Cybersecurity Disclosure Obligations – Generally. ” Specific to the six categories of disclosure outlined above, the new guidance addresses how cybersecurity risks and incidents should be addressed: Risk Factors. Summary of New Guidance. authorities.”

Risk

Risk Cybersecurity Insurance Compliance

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

In our manifesto at the general election we committed to provide people with the ability to require major social media platforms to delete information held about them, especially when that information related to their childhood. Data is not just a resource for better marketing, better service and delivery.

GDPR

GDPR Personal data Government IT

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

ARMA International

SEPTEMBER 27, 2021

Thus, common tools and techniques are risk matrices, risk registers, risk logs, risk breakdown structures, risk categories, Monte Carlo simulations, and sensitivity analyses. Take the example of the pandemic: only some governments engaged pandemic experts to develop actions plans. Figure 3: Digital capability levels.

Digital transformation

Digital transformation Risk IT Computer and Electronics

Final Draft of EU AI Act Leaked

Hunton Privacy

FEBRUARY 1, 2024

General-purpose AI system” is separately defined under the AI Act as an “AI system which is based on a general-purpose AI model, that has the capability to serve a variety of purposes, both for direct use as well as for integration in other AI systems.” Providers will be subject to the majority of the AI Act’s requirements.

Risk

Risk Education Artificial Intelligence Insurance

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

Data Matters

JUNE 26, 2018

6 general election ballot. Many see the law as having echoes of the new European General Data Protection Regulation (GDPR) that went into effect on May 25. The CCPA also exempts data covered by Health Insurance Portability and Accountability Act and consumer report data governed by the Fair Credit Reporting Act. biometric data.

Privacy

Privacy GDPR Sales Data breaches

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Data Matters

MARCH 4, 2021

The VCDPA, which will not enter into effect until January 1, 2023, borrows heavily from the California Consumer Privacy Act (CCPA) and the European Union (EU) General Data Protection Regulation (GDPR). the categories of personal data that the controller shares with third parties, if any. Employment-related exemptions.

Personal data

Personal data GDPR Sales Privacy

Security Compliance & Data Privacy Regulations

Record Retention Policy for Businesses: A Strategic Guide to Compliance and Efficiency

Webinars

Trending Sources

What Is Integrated Risk Management? Definition & Implementation

Webinars

A guide to the GDPR for insurance companies

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Regulatory Update: NAIC Summer 2022 National Meeting

CCPA Marches On: California Attorney General Proposes Further Revisions to CCPA Regulations, Industry Pleads for Enforcement Delay Amid COVID-19 Crisis

The Impact of Data Protection Laws on Your Records Retention Schedule

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

What Is Encryption? Definition, How it Works, & Examples

UAE: Federal level data protection law enacted

California Enacts Broad Privacy Laws Modeled on GDPR

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

OCR Issues Bulletin on the Sharing and Security of PHI During Coronavirus Pandemic

California Enacts Broad Privacy Protections Modeled on GDPR

New York Enacts Stricter Data Cybersecurity Laws

“But the emails” – companies’ SEC filings reflect ransomware risks

New Nevada Privacy Law With “Sale” Opt-Out Right Will Take Effect Before the CCPA

UK data protection after Brexit – UK government Statement of Intent contains few surprises

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

GDPR is upon us: are you ready for what comes next?

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

UK: Liability Limits for GDPR in commercial contracts – the law and recent trends

GDPR – The Year in Review

A Guide to CCPA Compliance and How the California Consumer Privacy Act Compares to GDPR

Regulatory Update: NAIC Fall 2019 National Meeting

Regulatory Update: NAIC Fall 2019 National Meeting

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

Network Security Architecture: Best Practices & Tools

Mic Drop: California AG releases long-awaited CCPA Rulemaking

SEC Updates Guidance On Cybersecurity Risk And Incident Disclosure Requirements

The debate on the Data Protection Bill in the House of Lords

Part 3: OMG! Not another digital transformation article! Is it about effecting risk management and change management?

Final Draft of EU AI Act Leaked

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

East Coast Meets West Coast: Enter the Virginia Consumer Data Protection Act

Stay Connected