Data breaches, Exercises, Insurance and Security

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Data Matters

FEBRUARY 6, 2019

On December 3, 2018, twelve attorneys general (“AGs”) jointly filed a data breach lawsuit against Medical Informatics Engineering and its subsidiary, NoMoreClipboard LLC (collectively “the Company”), an electronic health records company, in federal district court in Indiana. See Indiana v. Informatics Eng’g, Inc. , 3:18-cv-00969 (N.D.

Data breaches

Data breaches Computer and Electronics Security Insurance

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

Hunton Privacy

JANUARY 2, 2019

New cybersecurity rules for insurance companies licensed in South Carolina are set to take effect in part on January 1, 2019. The new law is the first in the United States to be enacted based on the data security model law drafted by the National Association of Insurance Commissioners.

Insurance

Insurance Cybersecurity Data breaches Encryption

Security Affairs newsletter Round 408 by Pierluigi Paganini

Security Affairs

FEBRUARY 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Military Ransomware Insurance

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

NSL Podcast Series: Part 3 Betting on a Breach – How to Prepare for the Inevitable

Hunton Privacy

FEBRUARY 25, 2020

Most companies are no strangers to the consequences of a data breach. Incident readiness includes having a state-of-the-art incident response plan, conducting tabletop exercises, implementing a vendor management program and having adequate cybersecurity insurance. It’s now rare to be unaffected by such incidents.

Insurance

Insurance Data breaches Cybersecurity Privacy

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

HL Chronicle of Data Protection

MAY 13, 2019

In the past two years, multiple state bills that have been introduced in the US to provide for cybersecurity requirements and standards to the insurance sector, with recent legislative activity taking place in particular within the States of Ohio, South Carolina, and Michigan. NYDFS: Setting a new bar for state cybersecurity regulation.

Insurance

Insurance Cybersecurity Data breaches Financial Services

How to Develop an Incident Response Plan

eSecurity Planet

DECEMBER 9, 2021

We make IT, security, or any business decision by weighing the risks and the rewards. Or as is often the case with security, what costs can we skip and still escape big penalties later? Unfortunately for those of us indulging in wishful thinking, the likelihood and costs of data breaches continue to increase.

Insurance

Insurance Ransomware Data breaches Cloud

Guidelines Published for Changes to the Singapore Data Privacy Regime

Data Matters

DECEMBER 2, 2020

Mandatory data breach notification (the DBN Obligation). Generally, an organization should assess whether a data breach is notifiable within 30 calendar days once it has credible grounds to believe that a data breach has occurred, or it should be prepared to provide an explanation to the PDPC.

Data Privacy

Data Privacy Privacy Data breaches Personal data

UAE: Federal level data protection law enacted

DLA Piper Privacy Matters

DECEMBER 3, 2021

There are also new requirements around transfers of data outside of the UAE and requirements to keep data secure, and to notify the new data protection regulator, and in some circumstances data subjects, of data breaches. Data security. Data breaches. 44) of 2021.

Personal data

Personal data Data breaches GDPR Compliance

California Enacts Broad Privacy Laws Modeled on GDPR

Data Matters

JUNE 29, 2018

It was also the first to enact data breach notification legislation, which all other states have now followed. identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number or passport number.

GDPR

GDPR Privacy Sales Data breaches

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Hunton Privacy

DECEMBER 1, 2020

The group has diversified its activities into the banking and insurance, travel agency and e-commerce sectors. Between June 8, 2018 and April 6, 2019, the CNIL received 15 complaints from individuals relating to the exercise of their data protection rights with affiliates of the Carrefour Group.

GDPR

GDPR Personal data Data collection Marketing

Saudi Arabia’s New Data Protection Law – What you need to know

DLA Piper Privacy Matters

OCTOBER 7, 2021

Data transfers out of the Kingdom are even more tightly controlled than under existing legislation. Transfers may still require approval by the data regulator. Credit data access. Some of these steps include: Conduct a data mapping exercise. Develop a Record of Processing Activity (ROPA).

Personal data

Personal data Compliance Computer and Electronics IoT

California Enacts Broad Privacy Protections Modeled on GDPR

Data Matters

JUNE 29, 2018

It was also the first to enact data breach notification legislation, which all other states have now followed. identifiers such as a real name, alias, postal address, unique personal identifier, online identifier, internet protocol address, email address, account name, Social Security number, driver’s license number or passport number.

GDPR

GDPR Privacy Sales Data breaches

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

Data Privacy and Open Data: Secondary Uses under GDPR. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. Three Critical Steps for GDPR Compliance. Want more information?

GDPR

GDPR Compliance Privacy Data Privacy

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

Thales Cloud Protection & Licensing

MARCH 6, 2018

Some impact specific countries while others focus on individual industries, but each regulation being enforced is an indication that companies must be more accountable when it comes to how they manage data privacy and people’s data or they risk having to pay large fines. appeared first on Data Security Blog | Thales e-Security.

Compliance

Compliance GDPR Encryption Data Privacy

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020 (“CPRA”), California’s data breach notification law and California’s data security law. Genetic Data: California Data Breach Notification and Data Security Law Amendment Bill.

Privacy

Privacy Insurance Security Data breaches

Trusting your supply chain with personal information

CGI

MARCH 3, 2019

Where sensitive information is exchanged, it is important that responsibility for cyber security is also shared. Without agreements and a clear understanding of each company’s security role, your supplier could become the weakest security link in your ecosystem. This is especially important when it comes to personal information.

GDPR

GDPR Insurance Data breaches Personal data

Cybersecurity: Managing Risks With Third Party Companies

Cyber Info Veritas

JULY 19, 2018

Did you know that 63% of all data breaches are directly or indirectly linked to third party companies? Let us get started with how third-party data breach occurs. How Third Party Data Breach Takes Place If a hacker is targeting a large organization, they look for the gateway that will not be easily noticed.

Risk

Risk Cybersecurity Compliance Data breaches

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

Necessity : Personal data must be adequate, relevant and necessary in relation to the purposes for which they are processed. Accuracy : Personal data must be accurate and, where necessary, kept up-to-date. Retention : Personal data must not be kept for longer than is necessary. Mandatory data breach notification.

Personal data

Personal data GDPR Data Privacy Privacy

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

24, but more likely than not the first test for many organizations will be how they respond to data subject access requests (DSARs) or when they experience a personal data breach which they will likely need to report to their Supervisory Authority due to the relatively hair trigger reporting thresholds.

GDPR

GDPR Personal data Compliance Data breaches

UK Parliament Calls for Prison Sentences for Data Theft

Hunton Privacy

OCTOBER 31, 2011

The Committee stated in its October 18, 2011 report that the current penalties for unlawfully obtaining personal data (under Section 55 of the DPA) are an inadequate deterrent, and urged the government to exercise its power to introduce prison sentences without delay. Commissioner Christopher Graham to the Committee earlier this year.

Personal data

Personal data Insurance Data breaches Government

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

IT Governance

DECEMBER 5, 2023

At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks. The security researcher Bob Diachenko of SecurityDiscovery first identified the exposed information in mid-September. Data breached: over 300 million records.

Data Privacy

Data Privacy Privacy Manufacturing Retail

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

IT Governance

FEBRUARY 6, 2024

38,846,799 known records breached in 140 publicly disclosed incidents Welcome to this week’s global round-up of the biggest and most interesting news stories. At the end of each month, these incidents – and any others that we find – will be used to inform our monthly analysis of data breaches and cyber attacks.

Data Privacy

Data Privacy Privacy Insurance Security

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. This page will enable consumers to exercise the right to opt-out of the sale of their personal information.

Privacy

Privacy Sales Compliance Cybersecurity

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

Data Matters

OCTOBER 24, 2019

If a business collects personal information to verify, it must use it only for the purpose of verification or for security or fraud prevention, and it must delete the information as soon as practical after processing the request.) Need for Security Measures. available technology for verification. available technology for verification.

Privacy

Privacy Sales Authentication Passwords

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

KnowBe4

APRIL 25, 2023

Security researchers are jailbreaking large language models to get around safety rules. Soon, the CEO of security firm Adversa AI had GPT-4 spouting homophobic statements, creating phishing emails, and supporting violence." Security Culture Benchmarking feature lets you compare your organization's security culture with your peers NEW!

Insurance

Insurance Security awareness Phishing Ransomware

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

California law also requires businesses that suffer a breach of security to disclose the breach to consumers, and in some instances law enforcement, if sensitive information is compromised. This page will enable consumers to exercise the right to opt-out of the sale of their personal information.

Privacy

Privacy Sales Education Compliance

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

DLA Piper Privacy Matters

APRIL 23, 2020

These are defined as “decisions that result in the provision or denial of financial and lending services, housing, insurance, education enrollment, criminal justice, employment opportunities, health care services, or access to basic necessities such as food and water, or that impact civil rights of individuals.”

Privacy

Privacy Government Insurance IT

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

HL Chronicle of Data Protection

OCTOBER 8, 2018

Managing the interaction of these new requirements with existing obligations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA), California’s Confidentiality of Medical Information Act (CMIA), and other health privacy laws will continue to be an area of focus in the health privacy community for years to come.

Privacy

Privacy Healthcare Sales Insurance

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Data Matters

OCTOBER 22, 2019

The regulations require businesses to explain that they may not discriminate against consumers who exercise their CCPA rights. Of particular note, the regulations clarify that businesses generally do not have to provide notice “at or before the point of collection” if they are not collecting information directly from the consumer.

Privacy

Privacy Sales Paper Compliance

Our Data Governance Is Broken. Let’s Reinvent It.

John Battelle's Searchblog

JANUARY 25, 2019

First, Data. Big data, data breaches, data mining, data science…Today, we’re all about the data. So what insures engagement and attention? Information refined from data. Let The Data Flow. In my work at Columbia, I’m currently obsessed with two things.

Government

Government IT Marketing ROT

CNIL Unveils 2019 Inspection Program and 2018 Annual Activity Report

Hunton Privacy

APRIL 30, 2019

The complaints mainly concern the following issues or sectors: dissemination of personal data on the Internet: the CNIL received 373 requests to delist information from search results (“right to be forgotten” requests) (35.7 The CNIL received 1,170 data breach notifications in 2018. percent of complaints); and.

GDPR

GDPR Personal data Data breaches Marketing

Private cloud use cases: 6 ways private cloud brings value to enterprise business

IBM Big Data Hub

MARCH 28, 2024

As cloud computing continues to transform the enterprise workplace, private cloud infrastructure is evolving in lockstep, helping organizations in industries like healthcare, government and finance customize control over their data to meet compliance, privacy, security and other business needs. billion by 2033, up from USD 92.64

Cloud

Cloud Energy and Utilities Compliance Privacy

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

Is there something more secure? Simon Moffatt from CyberHut joins The Hacker Mind to discuss how identity and access management (IAM) is fundamental to everything we do online today, and why even multi-factor access, while an improvement, needs to yield to more effortless and more secure passwordless technology that’s coming soon.

Passwords

Passwords Authentication Access Data breaches

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

Data Matters

OCTOBER 23, 2019

Security Concerns. Addressing a key compliance issue for businesses, the proposed regulations provide a detailed set of rules on how businesses should incorporate data security concerns into their right to know responses. Specific Guidance on Right to Know Requests. Explanation of Denial.

Sales

Sales Privacy Passwords Compliance

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

KnowBe4

APRIL 11, 2023

Share with friends, family and co-workers: [link] A Master Class on IT Security: Roger A. Grimes, Data-Driven Defense Evangelist at KnowBe4. This puts the onus on cybersecurity solutions and the users themselves, as the only additional means to keep the org secure. Full text of the alert is at the FTC website.

Passwords

Passwords Phishing Ransomware Security awareness

Ransomware Is the No. 1 Cyber Threat This Year. Here’s What You Can Do

Adam Levin

MARCH 2, 2020

What makes ransomware such a difficult vector to recover from is the encryption, which ironically continues to be one of the best methods of securing data from hackers. The threats used to get payment are serious, starting with the possibility that the data will be encrypted permanently. It’s all about the payday.

Ransomware

Ransomware Encryption Insurance Cybersecurity

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

Data Matters

JUNE 26, 2018

California was the first state to adopt an express right of privacy in its state constitution and the first to enact data breach notification legislation, which all other states have since followed. biometric data. geolocation data. A security breach under the CCPA is defined in Section 1798.82

Privacy

Privacy GDPR Sales Data breaches

Project Svalbard, Have I Been Pwned and its Ongoing Independence

Troy Hunt

MARCH 2, 2020

These were companies spanning all sorts of different industries; big tech, general infosec, antivirus, hosting, finance, e-commerce, cyber insurance - I could go on. Anyone can cobble together a website with some APIs and load in a ton of data breaches, but establishing trust is a whole different story.

IT

IT Mining Sales Data breaches

A new era for customer data – could security be ‘the new green’ for businesses?

Thales Cloud Protection & Licensing

OCTOBER 10, 2018

I now see cyber security – and more specifically, data security – positioned at the edge of a similar tipping point. Driven by the introduction of the General Data Protection Regulation (GDPR) and heightened by constantly evolving demands, consumers are changing their purchasing habits. GDPR: to help or hinder?

GDPR

GDPR Security Marketing Data breaches

First Multistate HIPAA Data Breach Lawsuit May Signal Increased State Interest in Data Security Enforcement

Cybersecurity Rules for Insurance Companies to Take Effect in South Carolina

Webinars

Trending Sources

Security Affairs newsletter Round 408 by Pierluigi Paganini

Webinars

NSL Podcast Series: Part 3 Betting on a Breach – How to Prepare for the Inevitable

Cybersecurity Standards for the Insurance Sector – A New Patchwork Quilt in the US?

How to Develop an Incident Response Plan

Guidelines Published for Changes to the Singapore Data Privacy Regime

UAE: Federal level data protection law enacted

California Enacts Broad Privacy Laws Modeled on GDPR

CNIL Fines Two Companies of the Carrefour Group €3.05 Million for GDPR and Cookie Violations

Saudi Arabia’s New Data Protection Law – What you need to know

California Enacts Broad Privacy Protections Modeled on GDPR

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Trusting your supply chain with personal information

Cybersecurity: Managing Risks With Third Party Companies

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

GDPR is upon us: are you ready for what comes next?

UK Parliament Calls for Prison Sentences for Data Theft

The Week in Cyber Security and Data Privacy: 27 November – 3 December 2023

The Week in Cyber Security and Data Privacy: 29 January – 4 February 2024

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

CCPA In-Depth Series: Draft Attorney General Regulations on Verification, Children’s Privacy and Non-Discrimination

CyberheistNews Vol 13 #17 [Head Start] Effective Methods How To Teach Social Engineering to an AI

The Good, Bad, And The Ugly: Key Takeaways From California’s New Privacy Law

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

California Consumer Privacy Act: The Challenge Ahead – Four Key Considerations for Health and Life Sciences Companies

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Notice

Our Data Governance Is Broken. Let’s Reinvent It.

CNIL Unveils 2019 Inspection Program and 2018 Annual Activity Report

Private cloud use cases: 6 ways private cloud brings value to enterprise business

The Hacker Mind Podcast: Going Passwordless

CCPA In-Depth Series: Draft Attorney General Regulations on Consumer Requests

CyberheistNews Vol 13 #15 [The New Face of Fraud] FTC Sheds Light on AI-Enhanced Family Emergency Scams

Ransomware Is the No. 1 Cyber Threat This Year. Here’s What You Can Do

California’s GDPR? Sweeping California Privacy Ballot Initiative Could Bring Sea Change to U.S. Privacy Regulation and Enforcement

Project Svalbard, Have I Been Pwned and its Ongoing Independence

A new era for customer data – could security be ‘the new green’ for businesses?

Stay Connected