Compliance, GDPR and Insurance - Information Management Today

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Data Protection Report

MARCH 21, 2023

2] In this context, the Directorate General of the French Treasury has put forward a plan of action with a view to clarifying the cyber-insurance legal framework, better gauging cyber-risks, and enhancing companies’ awareness as regards cyber-risks. 12-10-1 into the French Insurance code. However, in the end, Article L.12-10-1

Insurance

Insurance Data breaches Personal data GDPR

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

It was also a drag on the sales cycle, and then there was the need for maintaining compliance. The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. GRC Market Defies Downturn There are some powerful drivers for the compliance and security automation market.

Compliance

Compliance Security Cybersecurity Marketing

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Dutch Supervisory Authority Investigates GDPR Compliance in the Healthcare Sector

Data Matters

AUGUST 23, 2018

On 21 August 2018, the Dutch Supervisor Authority announced that it had conducted an investigation into the designation of a Data Protection Officer (DPO) under the General Data Protection Regulation (GDPR) by 91 hospitals and 33 healthcare insurers in the Netherlands.

GDPR

GDPR Compliance Insurance Communications

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S.

GDPR

GDPR Compliance Privacy Data Privacy

A guide to the GDPR for insurance companies

IT Governance

MAY 30, 2018

The EU General Data Protection Regulation (GDPR) is designed to harmonise data protection laws across the EU, but certain industries will have to respond differently in order to achieve compliance. A report published by research and consultancy company Celent highlights the challenges that the GDPR presents to insurers.

Insurance

Insurance GDPR Compliance Data collection

EUROPE: Are GDPR fines insurable in the countries where you operate?

DLA Piper Privacy Matters

MAY 17, 2018

DLA Piper and Aon have launched a guide ‘ The price of data security ‘, ahead of the General Data Protection Regulation (GDPR), effective from 25 May 2018. The guide reviews the insurability of GDPR fines across Europe, which can reach up to €20 million or, if higher, up to 4% of a group’s annual global turnover.

Insurance

Insurance GDPR Data breaches Personal data

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. The GDPR concerns personal data that is: Collected in an enterprise context; and. Some began to lose faith.

GDPR

GDPR Compliance Personal data Data breaches

Mastering healthcare data governance with data lineage

IBM Big Data Hub

MAY 9, 2024

Healthcare organizations need a strong data governance framework to help ensure compliance with regulations like the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the US and the General Data Protection Regulation (GDPR) in the EU. Despite this, many healthcare organizations face challenges.

Government

Government GDPR Compliance Analytics

Accelerate IFRS-17 Compliance with Data Intelligence Cloud

Collibra

JANUARY 27, 2022

Its impact is far reaching and global, requiring insurance companies of all types and sizes, bancassurance and any entity that sells insurance products to comply with stringent IFRS-17 rules and comprehensive reporting guidelines. How can Collibra Data Intelligence Cloud help accelerate IFRS-17 compliance?

Compliance

Compliance Cloud Insurance Metadata

Over-Retention of Personal Data

Data Protection Report

SEPTEMBER 23, 2021

The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019. The CNIL’s inspection included the insurer’s compliance with Section 5-1(e) of GDPR , which reads: Personal data shall be. (e) Perhaps the CNIL’s €1.75

Personal data

Personal data Insurance GDPR Record destruction

62% of organisations unaware of the GDPR

IT Governance

FEBRUARY 23, 2018

There is an alarming lack of awareness across all industries about the EU General Data Protection Regulation (GDPR) , according to a government survey. Almost two thirds (62%) of respondents hadn’t heard of the Regulation, and only about 10% had taken steps to meet its compliance requirements. Preparing for the GDPR.

GDPR

GDPR Compliance Insurance Personal data

Predictive data quality + adaptive data governance = robust compliance by design

Collibra

JANUARY 14, 2022

When GDPR (General Data Protection Regulation) came into effect in 2016, organizations took time to understand and plan their compliance efforts. With huge fines up to 4% of a company’s annual turnover looming large for non-compliance, companies have been turning to automated solutions for compliance.

Compliance

Compliance Government GDPR Personal data

Guest Post - Data Privacy and Open Data: Secondary Uses under GDPR

AIIM

MARCH 26, 2018

You might also be interested in: Three Critical Steps for GDPR Compliance. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. What Do the GDPR and new Privacy Laws Mean for U.S. What Do the GDPR and new Privacy Laws Mean for U.S. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Data Privacy Privacy Compliance

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

Information Governance Perspectives

MAY 10, 2020

In May of 2020 I was honored to speak at the MERv conference with John Frost of Box on the topic of Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance. Privacy makes data governance ethical and tangible, and compliance leaders understand that.

Compliance

Compliance Information governance Privacy Data Privacy

Government survey reveals GDPR awareness is falling short

IT Governance

FEBRUARY 8, 2018

The Cyber Security Breaches Survey 2018 from the Department for Digital, Culture, Media and Sport (DCMS) has revealed that only 38% of businesses and 44% of charities have heard of the General Data Protection Regulation (GDPR). Clearly there is still work to be done to ensure compliance by the 25 May deadline. Key findings.

GDPR

GDPR Government Education Compliance

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

Thales Cloud Protection & Licensing

MARCH 6, 2018

Every year, new regulations and compliance orders come into play that impact businesses across the world. This year, the major regulation that will be implemented, is the European Union’s General Data Protection Regulation (GDPR) , which takes effect on May 25, 2018. In Europe, GDPR isn’t the only regulation impacting the region.

Compliance

Compliance GDPR Encryption Data Privacy

FINLAND: Insurance against administrative fines announced as not permitted

DLA Piper Privacy Matters

OCTOBER 23, 2018

The Financial Supervisory Authority in Finland (FIN-FSA) has on 16 October 2018 published an interpretation that provision of insurance against administrative fines and penalty payments is contrary to good insurance practice and is therefore not permitted. Interpretation of ‘Good Insurance Practice‘. Possible implications.

Insurance

Insurance GDPR Risk Compliance

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies. The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors.

GDPR

GDPR Personal data Data collection Marketing

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

While there are similarities with EU/UK GDPR – and sufficient harmonisation with data protection laws across APAC to continue a regional data compliance in Asia – the practicalities of implementation and compliance should not be underestimated. data subjects, using the GDPR terminology) located within India.

Personal data

Personal data GDPR Data breaches Compliance

Top 10 Governance, Risk and Compliance (GRC) Vendors

eSecurity Planet

JANUARY 21, 2021

Governance, risk, and compliance (GRC) software helps businesses manage all of the necessary documentation and processes for ensuring maximum productivity and preparedness. It includes multi-disciplinary risk and compliance management solutions and tools, including: IT & security risk management. Compliance management.

Compliance

Compliance Risk Government Retail

These 3 GDPR Requirements You Must Support Today are Nothing Compared With What’s Coming

Reltio

AUGUST 16, 2018

On May 25, 2018 GDPR (General Data Protection Regulation) went into effect. The primary objectives of the GDPR are to give control back to their EU citizens and residents over their personal data, to simplify the regulatory environment for international business, and to unify regulations within the European Union.

GDPR

GDPR MDM Compliance Personal data

Rise in cyber attacks leads to cyber insurance business soaring

IT Governance

FEBRUARY 5, 2018

Increased interest in cyber insurance. With more than 800 million records being leaked in 2017 ( find out more in our Breaches and Hacks Blog Archive ), it’s not surprising that cyber insurance business has increased in recent months. Insurers assess an organisation’s cyber risk to set premium levels.

Insurance

Insurance Risk Government Paper

Keeping Up with New Data Protection Regulations

erwin

APRIL 11, 2019

Keeping up with new data protection regulations can be difficult, and the latest – the General Data Protection Regulation (GDPR) – isn’t the only new data protection regulation organizations should be aware of. Compliance is an on-going requirement, so efforts to become compliant should not be treated as static events.

GDPR

GDPR e-Discovery Compliance Metadata

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

The participation led to the idea behind CyberSaint The company supplies a platform, called CyberStrong, that automatically manages risk and compliance assessments across many types of frameworks. That could be for insurance purposes. “As As with any insurance, cyber insurance really requires due care.” Wrenn said. “So

Cybersecurity

Cybersecurity Insurance Security Privacy

Italy: Privacy law integrating the GDPR adopted, what to do?

DLA Piper Privacy Matters

MAY 14, 2018

The Italian privacy law integrating the GDPR has been finalized by the Board of Ministers, unveiling unexpected surprises a few days before the 25th of May 2018. Below are my top 5 derogations to the GDPR provided by the Italian privacy law: 1. Privacy-related compliance organization supplemented.

GDPR

GDPR Privacy Systems administration Compliance

CIPL and AvePoint Release Global GDPR Readiness Report

Hunton Privacy

NOVEMBER 10, 2016

On November 9, 2016, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP and AvePoint released the results of a joint global survey launched in May 2016 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Data Privacy Compliance Privacy

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

Far-reaching regulations like Europe’s GDPR levy steep fines on organizations that fail to safeguard sensitive information. Examples of data privacy laws Compliance with relevant regulations is the foundation of many data privacy efforts. Examples of data privacy principles and practices Privacy compliance is only the beginning.

Data Privacy

Data Privacy Privacy GDPR Personal data

How to Manage Your Cyber Risks

IT Governance

OCTOBER 11, 2022

Whether they’re taking small steps, such as installing antivirus software, or large ones, such as a GDPR (General Data Protection Regulation) compliance campaign, they consider it ‘job done’ when the implementation project is complete. Why Cyber Insurance is Essential in 2022.

Risk

Risk GDPR Information Security Personal data

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2)

CGI

DECEMBER 7, 2017

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2). In my previous blog , I introduced findings from in-person interviews CGI held in 2017 with more than 1,300 client executives across 17 countries, including insurance business and IT executives. Thu, 12/07/2017 - 15:43.

Insurance

Insurance Digital transformation Artificial Intelligence GDPR

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2)

CGI

DECEMBER 5, 2017

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2). In my previous blog , I introduced findings from in-person interviews CGI held in 2017 with more than 1,300 client executives across 17 countries, including insurance business and IT executives. Tue, 12/05/2017 - 17:24.

Insurance

Insurance Digital transformation Artificial Intelligence GDPR

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

Hunton Privacy

OCTOBER 27, 2017

On October 17, 2017, the French Data Protection Authority (“CNIL”), after a consultation with multiple industry participants that was launched on March 23, 2016, published its compliance pack on connected vehicles (the “Pack”) in line with its report of October 3, 2016. 3. “IN -> OUT -> IN” scenario.

Compliance

Compliance Data collection GDPR Insurance

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

Italian data protection authority notifies OpenAI of GDPR breaches Following last March’s temporary ban in the country, Italy’s data protection regulator, the Garante per la Protezione dei Dati Personali, has notified ChatGPT’s parent company, OpenAI, that it has identified several breaches of data protection law.

Data Privacy

Data Privacy Privacy Insurance Security

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Traditionally, privacy has taken the form of a policy document created, housed, and referenced by the offices of general counsel and compliance at most organizations. Data privacy is not a check-the-box compliance or security item. The problem is not limited to the requirements of GDPR. Multinationals Face Unique Challenges.

Data Privacy

Data Privacy Privacy Security Encryption

CNIL Provides Update on Compliance Pack Regarding Connected Vehicles

Hunton Privacy

OCTOBER 5, 2016

On October 3, 2016, at the Paris Motor Show, the French Data Protection Authority (“CNIL”) reported on the progress of a new compliance pack on connected vehicles. The compliance pack on connected vehicles will contain guidelines regarding the responsible use of personal data for the next generation of vehicles.

Compliance

Compliance Personal data Data collection Insurance

CNIL Publishes Guidance on Web Scraping and Re-Use of Publicly Available Online Data for Direct Marketing

Hunton Privacy

MAY 4, 2020

Companies that collect, for their own purposes, all the personal data from a given geographic area in online directories and then use the data to send their own direct marketing communications ( e.g. , an insurance company to sell insurance products). Compliance with Basic Data Protection Principles.

Marketing

Marketing GDPR Communications Personal data

GDPR – The Year in Review

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR

GDPR Personal data Privacy Information architecture

The True Global Effect of the GDPR

HL Chronicle of Data Protection

MAY 3, 2018

Organisations from around the world and well beyond Europe are grappling with the new European General Data Protection Regulation (GDPR) and its impact on their data activities. Article 3 of the GDPR tries to answer this question in less than 150 words, which suggests that the answer should be straightforward.

GDPR

GDPR Privacy Personal data Insurance

A Guide to Key Management as a Service

Thales Cloud Protection & Licensing

JUNE 15, 2023

KMaaS providers typically offer features such as FIPS 140-2 certified Hardware Security Modules (HSMs) to ensure the highest security and compliance for sensitive keys. Sustained compliance: Encryption and effective key management are key requirements across all security and privacy regulations.

Encryption

Encryption Compliance Cloud Authentication

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

Data Protection Report

JULY 8, 2019

It also appeared that, among the documents available online, were included copies of identity cards, health insurance cards, certificates issued by the family allowance fund, divorce judgments and bank details. In view of this, the CNIL identified two breaches of the General Data Protection Regulation [3] ( GDPR ): 1.

GDPR

GDPR Personal data Compliance Security

61% of organisations reported a data breach in 2019

IT Governance

OCTOBER 24, 2019

The insurance firm Hiscox found that 61% of organisations were compromised in the past 12 months. The GDPR (General Data Protection Regulation) , which was introduced last year, emphasises the importance of effective security and provide guidance on how to mitigate the risk. Get your GDPR compliance journey on track.

Data breaches

Data breaches GDPR Compliance Insurance

What Is Information Security Management?

IT Governance

FEBRUARY 22, 2022

The introduction of the GDPR (General Data Protection Regulation) and its UK equivalent have emphasised the importance of effective information security, giving supervisory authorities the power to issue sizeable fines. Information security management standards and compliance.

Information Security

Information Security Security Data breaches Risk

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. For many readers of this post, a huge amount of work will have been done in recent months in building up to compliance with the new regime. What do we expect in terms of enforcement priorities?

GDPR

GDPR Personal data Compliance Data breaches

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

DLA Piper Privacy Matters

NOVEMBER 6, 2019

million against Deutsche Wohnen SE for infringements of the General Data Protection Regulation (GDPR). This alleged non-compliance with data protection rules has already been flagged by the Berlin DPA after an on-site audit in June 2017. Facts and legal evaluation by Berlin DPA.

GDPR

GDPR Personal data Archiving Compliance

Security Compliance & Data Privacy Regulations

Cyber-insurance – 72 hours for the insured party to file a criminal complaint: GDPR’s false friend

Webinars

Trending Sources

Automated Security and Compliance Attracts Venture Investors

Webinars

Dutch Supervisory Authority Investigates GDPR Compliance in the Healthcare Sector

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

A guide to the GDPR for insurance companies

EUROPE: Are GDPR fines insurable in the countries where you operate?

Wake up to the reality of the GDPR: What you need to know about compliance

Mastering healthcare data governance with data lineage

Accelerate IFRS-17 Compliance with Data Intelligence Cloud

Over-Retention of Personal Data

62% of organisations unaware of the GDPR

Predictive data quality + adaptive data governance = robust compliance by design

Guest Post - Data Privacy and Open Data: Secondary Uses under GDPR

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

Government survey reveals GDPR awareness is falling short

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

FINLAND: Insurance against administrative fines announced as not permitted

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

India: New Digital Personal Data Protection Act, Start Planning Now.

Top 10 Governance, Risk and Compliance (GRC) Vendors

These 3 GDPR Requirements You Must Support Today are Nothing Compared With What’s Coming

Rise in cyber attacks leads to cyber insurance business soaring

Keeping Up with New Data Protection Regulations

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

Italy: Privacy law integrating the GDPR adopted, what to do?

CIPL and AvePoint Release Global GDPR Readiness Report

Data privacy examples

How to Manage Your Cyber Risks

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2)

Insurers’ top trends and priorities: A look at the 2017 CGI Client Global Insights (part 2)

French DPA Publishes a Compliance Pack Regarding Connected Vehicles

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

CNIL Provides Update on Compliance Pack Regarding Connected Vehicles

CNIL Publishes Guidance on Web Scraping and Re-Use of Publicly Available Online Data for Direct Marketing

GDPR – The Year in Review

The True Global Effect of the GDPR

A Guide to Key Management as a Service

New CNIL €400,000 fine for data security breaches and non-compliance with data retention period under the GDPR

61% of organisations reported a data breach in 2019

What Is Information Security Management?

GDPR is upon us: are you ready for what comes next?

Germany: Berlin data protection authority imposes EUR 14.5 million fine for “data cemetery”

Stay Connected