Data breaches, Exercises and Insurance - Information Management Today

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

Hunton Privacy

JANUARY 2, 2019

New cybersecurity rules for insurance companies licensed in South Carolina are set to take effect in part on January 1, 2019. The new law is the first in the United States to be enacted based on the data security model law drafted by the National Association of Insurance Commissioners.

Insurance

Insurance Cybersecurity Data breaches Encryption

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc. , 3:18-cv-00969 (N.D.

Data breaches

Data breaches Computer and Electronics Security Insurance

NSL Podcast Series: Part 3 Betting on a Breach – How to Prepare for the Inevitable

Hunton Privacy

FEBRUARY 25, 2020

Most companies are no strangers to the consequences of a data breach. Incident readiness includes having a state-of-the-art incident response plan, conducting tabletop exercises, implementing a vendor management program and having adequate cybersecurity insurance. It’s now rare to be unaffected by such incidents.

Insurance

Insurance Data breaches Cybersecurity Privacy

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

Guidelines Published for Changes to the Singapore Data Privacy Regime

Data Matters

DECEMBER 2, 2020

Mandatory data breach notification (the DBN Obligation). Generally, an organization should assess whether a data breach is notifiable within 30 calendar days once it has credible grounds to believe that a data breach has occurred, or it should be prepared to provide an explanation to the PDPC.

Data Privacy

Data Privacy Privacy Data breaches Personal data

How to Develop an Incident Response Plan

eSecurity Planet

DECEMBER 9, 2021

Unfortunately for those of us indulging in wishful thinking, the likelihood and costs of data breaches continue to increase. The Ponemon Institute estimates that data breach costs rose to an average cost of $4.24 Be in-line with insurance policies. Be in-line with insurance policies. Document contingencies.

Insurance

Insurance Ransomware Data breaches Cloud

Security Affairs newsletter Round 408 by Pierluigi Paganini

Security Affairs

FEBRUARY 26, 2023

If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Military Ransomware Insurance

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

There are also new requirements around transfers of data outside of the UAE and requirements to keep data secure, and to notify the new data protection regulator, and in some circumstances data subjects, of data breaches. Data breaches. Conduct a data mapping exercise.

Personal data

Personal data Data breaches GDPR Compliance

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors. Between June 8, 2018 and April 6, 2019, the CNIL received 15 complaints from individuals relating to the exercise of their data protection rights with affiliates of the Carrefour Group.

GDPR

GDPR Personal data Data collection Marketing

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

It was also the first to enact data breach notification legislation, which all other states have now followed. Businesses cannot discriminate against consumers who exercise any of their rights under AB 375. This new legislation may well have an outsize influence on privacy laws nationwide. Right to Equal Service and Price.

GDPR

GDPR Privacy Sales Data breaches

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

It was also the first to enact data breach notification legislation, which all other states have now followed. Businesses cannot discriminate against consumers who exercise any of their rights under AB 375. This new legislation may well have an outsize influence on privacy laws nationwide. Right to Equal Service and Price.

GDPR

GDPR Privacy Sales Data breaches

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

Credit data access. Similar to health data, the regulations are to provide rules regarding the processing of credit data in a manner that ensures the preservation of the privacy of its owners and protects their rights in the PDPL and the Credit Information Law. Some of these steps include: Conduct a data mapping exercise.

Personal data

Personal data Compliance Computer and Electronics IoT

CNIL Unveils 2017 Inspection Program and 2016 Annual Activity Report

Hunton Privacy

MARCH 29, 2017

The CNIL estimates that the GDPR will lead to the appointment of a data protection officer in at least 80,000 to 100,000 organizations in France. This legislation strengthens the transparency requirements and increases the maximum level of fines from €150,000 to €3 million for data protection infringements.

Personal data

Personal data Healthcare GDPR Insurance

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

Given the imposition of more onerous GDPR accountability provisions its incumbent on both data controllers and processors to ensure that their respective obligations are clearly spelled out in their respective Data Processing Agreements and that such provisions adhere to GDPR controller and processor obligations. Want more information?

GDPR

GDPR Compliance Privacy Data Privacy

Spain’s New Data Protection Act Now in Force

Data Matters

JANUARY 3, 2019

Business Contact Data: there is a presumption that the processing of personal data of business contacts, where the sole purpose is to establish a relationship with the business, will be in the legitimate interests of the controller. This includes a right to “digital disconnection” that applies to both public and private sector workers.

GDPR

GDPR Personal data Privacy Insurance

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

Thales Cloud Protection & Licensing

MARCH 6, 2018

Some impact specific countries while others focus on individual industries, but each regulation being enforced is an indication that companies must be more accountable when it comes to how they manage data privacy and people’s data or they risk having to pay large fines.

Compliance

Compliance GDPR Encryption Data Privacy

Trusting your supply chain with personal information

CGI

MARCH 3, 2019

Both parties need to monitor everything that’s going on, maintain logs, know when to notify the other of incidents and agree on actions to take in the event of a breach. You should also check the insurance cover of all parties with regard to personal data breaches.

GDPR

GDPR Insurance Data breaches Personal data

UK Parliament Calls for Prison Sentences for Data Theft

Hunton Privacy

OCTOBER 31, 2011

The Committee stated in its October 18, 2011 report that the current penalties for unlawfully obtaining personal data (under Section 55 of the DPA) are an inadequate deterrent, and urged the government to exercise its power to introduce prison sentences without delay. Commissioner Christopher Graham to the Committee earlier this year.

Personal data

Personal data Insurance Data breaches Government

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

For instance, Canada has a data protection law 3 and is currently considering a new data protection law that places even more restrictions on the retention and use of personal data than the GDPR 4. The United States does not have a Federal data protection law that protects all consumers.

Personal data

Personal data GDPR Privacy Records Management

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020 (“CPRA”), California’s data breach notification law and California’s data security law. Genetic Data: California Data Breach Notification and Data Security Law Amendment Bill.

Privacy

Privacy Insurance Security Data breaches

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

24, but more likely than not the first test for many organizations will be how they respond to data subject access requests (DSARs) or when they experience a personal data breach which they will likely need to report to their Supervisory Authority due to the relatively hair trigger reporting thresholds.

GDPR

GDPR Personal data Compliance Data breaches

Cybersecurity: Managing Risks With Third Party Companies

Cyber Info Veritas

JULY 19, 2018

Did you know that 63% of all data breaches are directly or indirectly linked to third party companies? Let us get started with how third-party data breach occurs. How Third Party Data Breach Takes Place If a hacker is targeting a large organization, they look for the gateway that will not be easily noticed.

Risk

Risk Cybersecurity Compliance Data breaches

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

Under the BDPA, processing shall be lawful where the data subject has given consent to the processing of his personal data for specific purposes, where necessary for, among other purposes, the performance of a contract; to comply with legal obligations; to protect the vital interests of the data subject; and for the administration of justice.

Personal data

Personal data GDPR Data Privacy Privacy

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

This page will enable consumers to exercise the right to opt-out of the sale of their personal information. If the consumer opts-out, the business must wait at least 12 months from the date the consumer opts-out before requesting the consumer authorize the sale of his or her personal data. Anti-Discrimination Provisions.

Privacy

Privacy Sales Compliance Cybersecurity

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

DLA Piper Privacy Matters

APRIL 23, 2020

These are defined as “decisions that result in the provision or denial of financial and lending services, housing, insurance, education enrollment, criminal justice, employment opportunities, health care services, or access to basic necessities such as food and water, or that impact civil rights of individuals.”

Privacy

Privacy Government Insurance IT

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

Data Matters

OCTOBER 24, 2019

The proposed regulations echo the CCPA itself, in that they emphasize that a business violates the CCPA’s non-discrimination principle if it treats consumers differently simply because they exercise their CCPA rights.

Privacy

Privacy Sales Authentication Passwords

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

IT Governance

DECEMBER 5, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. Data breached: over 300 million records. Data breached: 35 TB. According to Cybernews , one of the data sets contained 13.3 Data breached: 13.3

Data Privacy

Data Privacy Privacy Manufacturing Retail

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

KnowBe4

APRIL 25, 2023

link] [Head Scratcher] More Companies With Cyber Insurance Are Hit by Ransomware Than Those Without? In an interesting twist, new data hints that organizations with cyber insurance may be relying on it too much, instead of shoring up security to ensure attacks never succeed.

Insurance

Insurance Security awareness Phishing Ransomware

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

This page will enable consumers to exercise the right to opt-out of the sale of their personal information. If the consumer opts-out, the business must wait at least 12 months from the date the consumer opts-out before requesting the consumer authorize the sale of his or her personal data. Anti-Discrimination Provisions.

Privacy

Privacy Sales Education Compliance

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

38,846,799 known records breached in 140 publicly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy

Data Privacy Privacy Insurance Security

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Data Matters

OCTOBER 22, 2019

The regulations require businesses to explain that they may not discriminate against consumers who exercise their CCPA rights. Of particular note, the regulations clarify that businesses generally do not have to provide notice “at or before the point of collection” if they are not collecting information directly from the consumer.

Privacy

Privacy Sales Paper Compliance

Our Data Governance Is Broken. Let’s Reinvent It.

John Battelle's Searchblog

JANUARY 25, 2019

First, Data. Big data, data breaches, data mining, data science…Today, we’re all about the data. So what insures engagement and attention? Information refined from data. In my work at Columbia, I’m currently obsessed with two things. And second… Governance.

Government

Government IT Marketing ROT

CNIL Unveils 2019 Inspection Program and 2018 Annual Activity Report

Hunton Privacy

APRIL 30, 2019

The complaints mainly concern the following issues or sectors: dissemination of personal data on the Internet: the CNIL received 373 requests to delist information from search results (“right to be forgotten” requests) (35.7 The CNIL received 1,170 data breach notifications in 2018. percent of complaints); and.

GDPR

GDPR Personal data Data breaches Marketing

Private cloud use cases: 6 ways private cloud brings value to enterprise business

IBM Big Data Hub

MARCH 28, 2024

High security: Certain industries, like insurance, are more prone to data breaches and cyberattacks. A private cloud offers greater visibility and access control by storing sensitive data and applications behind private firewalls.

Cloud

Cloud Energy and Utilities Compliance Privacy

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

Data Matters

OCTOBER 23, 2019

The regulations flatly prohibit businesses from disclosing a consumer’s social security number, driver’s license number or government issued ID number, financial account number, health insurance or medical identification number, account password, or security questions and answers in response to right to know requests.

Sales

Sales Privacy Passwords Compliance

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

You might not think of it as a major aspect of security and yet, stolen credentials are really the key to data breaches today. In most cases, this regards the European Union’s General Data Protection Regulation or GDPR, and in the UK that law continues as the UK GDPR. And those breach reports.

Passwords

Passwords Authentication Access Data breaches

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

KnowBe4

APRIL 11, 2023

Verizon's Data Breach Investigations Report shows that attackers are increasingly successful using a combo of phishing and malware to steal user credentials. We see phishing and ransomware as our most significant cybersecurity threats, and your platform goes further than a box-ticking exercise to satisfy our Board.

Passwords

Passwords Phishing Ransomware Security awareness

Ransomware Is the No. 1 Cyber Threat This Year. Here’s What You Can Do

Adam Levin

MARCH 2, 2020

Phishing attacks, unpatched software vulnerabilities, and ransomware attacks all amount to an exercise of futility. Get Covered: I’ve said it before and I’ll say it again: Cyberattacks and data breaches have become the third certainty in life after death and taxes. They can’t do it.

Ransomware

Ransomware Encryption Insurance Cybersecurity

Project Svalbard, Have I Been Pwned and its Ongoing Independence

Troy Hunt

MARCH 2, 2020

These were companies spanning all sorts of different industries; big tech, general infosec, antivirus, hosting, finance, e-commerce, cyber insurance - I could go on. Anyone can cobble together a website with some APIs and load in a ton of data breaches, but establishing trust is a whole different story.

IT

IT Mining Sales Data breaches

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

Data Matters

JUNE 26, 2018

California was the first state to adopt an express right of privacy in its state constitution and the first to enact data breach notification legislation, which all other states have since followed. Amendments to the California Data Breach Notification Law. What Is Personal Information. Legislative Developments.

Privacy

Privacy GDPR Sales Data breaches

A new era for customer data – could security be ‘the new green’ for businesses?

Thales Cloud Protection & Licensing

OCTOBER 10, 2018

In the run up to its implementation earlier this year, the GDPR scare stories came thick and fast, with the majority of exposure playing on fears of enormous financial penalties or reputation-destroying data breaches. Think TV licenses and car insurance, for example. However, the narrative is set to change.

GDPR

GDPR Security Marketing Data breaches

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Webinars

Trending Sources

NSL Podcast Series: Part 3 Betting on a Breach – How to Prepare for the Inevitable

Webinars

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

Guidelines Published for Changes to the Singapore Data Privacy Regime

How to Develop an Incident Response Plan

Security Affairs newsletter Round 408 by Pierluigi Paganini

UAE: Federal level data protection law enacted

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

California Enacts Broad Privacy Laws Modeled on GDPR

California Enacts Broad Privacy Protections Modeled on GDPR

Saudi Arabia’s New Data Protection Law – What you need to know

CNIL Unveils 2017 Inspection Program and 2016 Annual Activity Report

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

Spain’s New Data Protection Act Now in Force

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

Trusting your supply chain with personal information

UK Parliament Calls for Prison Sentences for Data Theft

The Impact of Data Protection Laws on Your Records Retention Schedule

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

GDPR is upon us: are you ready for what comes next?

Cybersecurity: Managing Risks With Third Party Companies

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Our Data Governance Is Broken. Let’s Reinvent It.

CNIL Unveils 2019 Inspection Program and 2018 Annual Activity Report

Private cloud use cases: 6 ways private cloud brings value to enterprise business

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

The Hacker Mind Podcast: Going Passwordless

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

Ransomware Is the No. 1 Cyber Threat This Year. Here’s What You Can Do

Project Svalbard, Have I Been Pwned and its Ongoing Independence

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

A new era for customer data – could security be ‘the new green’ for businesses?

Stay Connected