Data Privacy, GDPR and Insurance - Information Management Today

Data privacy examples

IBM Big Data Hub

APRIL 24, 2024

These are just some examples of how organizations support data privacy , the principle that people should have control of their personal data, including who can see it, who can collect it, and how it can be used. One cannot overstate the importance of data privacy for businesses today.

Data Privacy

Data Privacy Privacy GDPR Personal data

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

Regulatory compliance and data privacy issues have long been an IT security nightmare. And since the EU’s General Data Protection Regulation (GDPR) took effect May 25, 2018, IT compliance issues have been at the forefront of corporate concerns. GDPR-style data privacy laws came to the U.S.

Data Privacy

Data Privacy Compliance Privacy Security

Two Years on from GDPR: Has It Driven Growth in Cybersecurity Insurance?

Dark Reading

SEPTEMBER 10, 2020

Whilst GDPR has put the spotlight on data privacy and cyber issues, there are other more prominent trends that are driving a greater take-up of cyber insurance, says Ben Maidment, Class Underwriter - Cyber, Physical & Technology at Brit Insurance.

Insurance

Insurance GDPR Data Privacy Cybersecurity

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Why Cyber Insurance is Essential in 2022

IT Governance

MAY 24, 2022

One of the most common ways to mitigate the risk of a cyber security incident is cyber insurance. These activities aren’t typically included in standard business insurance policies, which tend to only cover costs related to technical issues, such as corrupted hard drives and lost devices. The benefits of cyber insurance.

Insurance

Insurance Data breaches GDPR Ransomware

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

Thales Cloud Protection & Licensing

DECEMBER 22, 2020

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing. New EU restrictions could force companies to change data transfer practices and adopt more advanced data encryption methods. In recent years, costly breaches and evolving data security concerns have bubbled up to a board level agenda item.

Data Privacy

Data Privacy Privacy Security Encryption

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

IT Governance

JANUARY 9, 2024

million people was compromised, including names, addresses, dates of birth, Social Security numbers, taxpayer identification numbers, medical information, health insurance information, and billing and claims information. Data breached: 4,452,782 records. 79 of them are known to have had data exfiltrated, exposed or otherwise breached.

Data Privacy

Data Privacy Privacy Manufacturing Data breaches

Mastering healthcare data governance with data lineage

IBM Big Data Hub

MAY 9, 2024

Healthcare organizations need a strong data governance framework to help ensure compliance with regulations like the Health Insurance Portability and Accountability Act of 1996 (HIPAA) in the US and the General Data Protection Regulation (GDPR) in the EU. ” Michael L.,

Government

Government GDPR Compliance Analytics

ROUNDTABLE: Huge Capital One breach shows too little is being done to preserve data privacy

The Last Watchdog

AUGUST 1, 2019

Related: Hackers direct botnets to manipulate business logic Thompson is accused of pilfering sensitive data for 100 million US and 6 million Canadian bank patrons. It could be FTC first, then European GDPR and Canadian PIPEDA, then upcoming California Consumer Privacy Act, and many other privacy regulations worldwide.

Data Privacy

Data Privacy Privacy Data breaches Cloud

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

This is the 11th post in a series on privacy by Andrew Pery. You might also be interested in: The Re-Permissioning Dilemma Under GDPR. Data Privacy and Open Data: Secondary Uses under GDPR. Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning.

GDPR

GDPR Compliance Privacy Data Privacy

Over-Retention of Personal Data

Data Protection Report

SEPTEMBER 23, 2021

The matter involved one of France’s largest insurers, SGAM AG2R LA MONDIALE, which was subject to an inspection by the French data protection authority (the CNIL), in 2019. The CNIL’s inspection included the insurer’s compliance with Section 5-1(e) of GDPR , which reads: Personal data shall be. (e)

Personal data

Personal data Insurance GDPR Record destruction

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

Rather than bringing substantial changes to the existing China data privacy framework, the PIPL helpfully consolidates and clarifies obligations on processing of personal information at a national law level. To be clear, this is not China’s own GDPR. Training : organisations must provide data privacy training.

Data Privacy

Data Privacy Privacy Compliance Analytics

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

The Last Watchdog

OCTOBER 29, 2018

the Health Insurance Portability and Accountability Act (HIPAA)), the answer is generally that a company should implement a “reasonable data privacy and security program” under all circumstances. Companies should have written data privacy and security policies and procedures in place. Insurability.

Security

Security Data Privacy Privacy Data breaches

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

The Last Watchdog

APRIL 30, 2019

The CSF’s core principles have been incorporated into Europe’s GDPR , NYDFS’s cybersecurity requirement s, California’s Consumer Privacy Act and Ohio’s Data Protection Act. And they echo through a wide variety of other risk assessment tools and initiatives that touch on third-party risks and data privacy.

Cybersecurity

Cybersecurity Insurance Security Privacy

Wake up to the reality of the GDPR: What you need to know about compliance

IT Governance

JANUARY 30, 2019

With a mammoth GDPR fine handed out to Google last week, it’s time for organisations to reassess their understanding of the Regulation. We’re through the eye of the GDPR (General Data Protection Regulation) storm. Territorial scope refers to where the data is coming from. Some began to lose faith. The basics.

GDPR

GDPR Compliance Personal data Data breaches

CIPL and AvePoint Release Global GDPR Readiness Report

Hunton Privacy

NOVEMBER 10, 2016

On November 9, 2016, the Centre for Information Policy Leadership (“CIPL”) at Hunton & Williams LLP and AvePoint released the results of a joint global survey launched in May 2016 concerning organizational preparedness for implementing the EU General Data Protection Regulation (“GDPR”).

GDPR

GDPR Data Privacy Compliance Privacy

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

Information Governance Perspectives

MAY 10, 2020

In May of 2020 I was honored to speak at the MERv conference with John Frost of Box on the topic of Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance. I think partly because we’re only a few years out from GDPR, so we’re still building out these metrics, right.

Compliance

Compliance Information governance Privacy Data Privacy

India: New Digital Personal Data Protection Act, Start Planning Now.

DLA Piper Privacy Matters

SEPTEMBER 6, 2023

Authors: Carolyn Bigg, Gwyneth To and Rachel De Souza Start preparing now to comply with India’s new data protection law. In contrast to the current position in India and the EU/UK GDPR, the DPDP Act makes no distinction between personal data and sensitive personal data, but this is quite similar to many other Asia data protection laws.

Personal data

Personal data GDPR Data breaches Compliance

In Today’s Privacy Environment, That’s the Way the (Website) Cookie Crumbles: Data Privacy Trends

eDiscovery Daily

FEBRUARY 11, 2019

It’s only been three weeks, but we’ve already talked plenty about the first big GDPR fine of €50 million (or about $56.8 million ) fine to Google for failing to comply with GDPR. As covered in Alston & Bird’s Privacy and Data Security Blog ( Google-Style GDPR Fines for Everyone?

Privacy

Privacy Data Privacy GDPR Compliance

Staying Ahead of the Curve: 6 Top Legal Tech Trends to Watch in 2023

ARMA International

AUGUST 7, 2023

These include artificial intelligence (AI), hybrid and remote work collaboration, cloud, workflow automation and customization, mail processing and digitization, and security and data privacy. Trend #6: Security and Data Privacy Finally, one of the most pressing trends is security and data privacy.

Artificial Intelligence

Artificial Intelligence Cloud Data Privacy Privacy

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

Thales Cloud Protection & Licensing

MARCH 6, 2018

This year, the major regulation that will be implemented, is the European Union’s General Data Protection Regulation (GDPR) , which takes effect on May 25, 2018. GDPR enables consumers to view, limit and control how companies collect and process their personal data. This is the case with GDPR Article 34.

Compliance

Compliance GDPR Encryption Data Privacy

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

IT Governance

MAY 7, 2024

Source 1 ; source 2 (Update) Insurance USA Yes 75,101 Airsoftc3.com Source 1 ; source 2 (Update) Insurance USA Yes 75,101 Airsoftc3.com Unrelated, AT&T also recently suffered a large data breach, affecting more than 51 million customers’ data. Under the EU GDPR, the Czech supervisory authority issued a €13.9

Data breaches

Data breaches Education Manufacturing Retail

61% of organisations reported a data breach in 2019

IT Governance

OCTOBER 24, 2019

If your organisation didn’t suffer a data breach last year, consider yourself one of the lucky few. The insurance firm Hiscox found that 61% of organisations were compromised in the past 12 months. This represents a 16-percentage-point increase over the past year, demonstrating how quickly the threat of data breaches is escalating.

Data breaches

Data breaches GDPR Compliance Insurance

GDPR is upon us: are you ready for what comes next?

Data Protection Report

MAY 23, 2018

The wait is finally over—this Friday the European Union General Data Protection Regulation (GDPR) will come into force. However, the challenges of GDPR certainly don’t end on the date this law goes into implementation. Many of our clients ask us when and how they may be called upon to demonstrate compliance with the GDPR.

GDPR

GDPR Personal data Compliance Data breaches

Data Protection in Financial Services Week 2022

Data Matters

FEBRUARY 25, 2022

Sidley and OneTrust DataGuidance are pleased to announce that registration is now open for their annual Data Protection in Financial Services (DPFS) Week. Join us from February 28 – March 3 for DPFS Week 2022 , a series of webinars looking at the impacts of data privacy across the financial sector.

Financial Services

Financial Services Privacy Data Privacy Cybersecurity

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

Data Matters

AUGUST 9, 2021

In recent weeks, Connecticut passed An Act Concerning Data Privacy Breaches (“The Act”), and the Uniform Law Commission approved and recommended the Uniform Personal Data Protection Act (“UPDPA”). Connecticut: An Act Concerning Data Privacy Breaches.

Data breaches

Data breaches Privacy Personal data Data Privacy

eDiscovery and the GDPR: Ready or Not, Here it Comes: eDiscovery Best Practices

eDiscovery Daily

DECEMBER 3, 2017

Now, Tom has written a terrific informational overview on Europe’s General Data Protection Regulation (GDPR) titled eDiscovery and the GDPR: Ready or Not, Here it Comes. Part One: What is the GDPR? Europe’s General Data Protection Regulation (GDPR) is set to take effect in less than 200 days.

GDPR

GDPR IT Personal data Privacy

Automated Security and Compliance Attracts Venture Investors

eSecurity Planet

FEBRUARY 14, 2023

The vision was to automate security and compliance across 14 frameworks, including SOC 2, ISO 27001, HIPAA and GDPR. The growing number of data privacy regulations has raised the potential consequences of cybersecurity breaches, spurring demand for GRC (governance, risk, and compliance) software.

Compliance

Compliance Security Cybersecurity Marketing

Biden Cybersecurity Strategy: Big Ambitions, Big Obstacles

eSecurity Planet

MARCH 3, 2023

The initiatives that stand out the most — critical infrastructure security standards, a national data privacy and security law, and liability for security failures — will likely take time and the support of Congress to implement. ” Those fundamental shifts are focused on two core priorities. .” Strategic Objective 1.1

Cybersecurity

Cybersecurity Government Manufacturing Personal data

U.S. states pass data protection laws on the heels of the GDPR

Data Protection Report

JULY 9, 2018

states have recently introduced and passed legislation to expand data breach notification rules and to mirror some of the protections provided by Europe’s newly enacted General Data Protection Regulation (“GDPR”). See our previous blog posts on GDPR here and here. Several U.S. Practical Tips.

GDPR

GDPR Data breaches Personal data Insurance

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

With its new data protection bill, Barbados is planning to join the ranks; this is a significant move, and it is one fueled at least in part by the entry into force of the European Union’s General Data Protection Regulation (“GDPR”) on May 25, 2018.

Personal data

Personal data GDPR Data Privacy Privacy

Protecting Sensitive Data with Luna Key Broker for Microsoft Double Key Encryption

Thales Cloud Protection & Licensing

APRIL 1, 2021

For those who are focused on maintaining compliance and protecting sensitive data across their organization, like the CISO office, security architects and auditors, one of the best practices for data security is to maintain control and own the keys used to encrypt sensitive data in all applications.

Encryption

Encryption Compliance Cloud GDPR

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

DLA Piper Privacy Matters

NOVEMBER 19, 2018

The CNIL stresses that there is no need for a DPIA when : the processing does not present a high risk to the rights and freedoms of data subjects; or. the processing is already covered by a record of processing held by the data protection officer, where applicable. in the automotive insurance sector); Monitoring.

Data Privacy

Data Privacy IT GDPR Privacy

Spotlight Podcast: Rethinking Your Third Party Cyber Risk Strategy

The Security Ledger

SEPTEMBER 11, 2019

Episode 158: How NotPetya has Insurers grappling with Systemic Cyber Risk Episode 159: Deep Fakes and Election (in)Security with ZeroFOX. Read the whole entry. » » Related Stories Third Party Cyber Risk is growing. Most Companies aren’t prepared. Third party cyber risk is growing. There are lots of reasons for this.

Risk

Risk GDPR Data Privacy Personal data

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

Reltio

JUNE 12, 2020

1 sentence company description: DataZed is a consultancy that works with organizations to improve their data quality, data governance and data strategy. 1-2 Previous Roles & Companies: Worked as a consultant with general insurers, Lloyd’s market firms, brokers and reinsurers, including Beazley Group and RSA.

Insurance

Insurance Customer Experience B2B MDM

Predictive data quality + adaptive data governance = robust compliance by design

Collibra

JANUARY 14, 2022

The concern of protecting this data, especially personal data , has been around for quite some time. The sheer volume of data and the increased proliferation of cloud technology has brought this concern to the fore again. They focus on processing customer requests to access and update their data in a given timeframe.

Compliance

Compliance Government GDPR Personal data

Data security: Why a proactive stance is best

IBM Big Data Hub

JULY 7, 2023

Data protection and data privacy Data protection , defined as protecting important information from corruption, damage or loss, is critical because data breaches resulting from cyberattacks can include personally identifiable information (PII), health information, financial information, intellectual property and other personal data.

Security

Security Data breaches Data Privacy Compliance

What is Confidential Computing? Definition, Benefits, & Uses

eSecurity Planet

MAY 26, 2023

Compatibility with data privacy and compliance requirements Compliance laws like GDPR and HIPAA require companies to store and use data in specific ways to maintain compliance. This type of computing provides an ideal combination of hands-off security protocols and visibility into unauthorized network traffic.

Encryption

Encryption Cloud IoT Blockchain

UK: The rise of privacy group action risk

DLA Piper Privacy Matters

DECEMBER 7, 2017

Two recent developments in the United Kingdom highlight the growing risk of privacy litigation and “group actions” which is likely to further increase following the enactment of the General Data Protection Regulation (“ GDPR “) in May 2018. Various Claimants v Wm Morrisons Supermarket PLC [2017] 3113.

Risk

Risk Privacy GDPR Data breaches

The Hacker Mind Podcast: The Internet As A Pen Test

ForAllSecure

MAY 17, 2023

Chris Gray of Deep Watch talks about the view from the inside of a virtual SOC, the ability to see threats against a large number of SMB organizations, and the changes to cyber insurance we’re seeing as a result. VAMOSI: Cybersecurity insurance. cyber insurance as a whole was changing heavily. And why is that?

Insurance

Insurance Privacy Ransomware GDPR

Automating Security Risk Assessments for Better Protection

eSecurity Planet

JANUARY 12, 2021

Data backups. Cybersecurity preparedness/ insurance. Compliance assessment : A compliance assessment checks to see if your security and data controls meet regulations like GDPR , CCPA , HIPAA and PCI-DSS. Failure to meet appropriate compliance and data privacy rules can cause more than cyber risks.

Risk

Risk Security Cybersecurity Compliance

Guest Post - Data Privacy and Open Data: Secondary Uses under GDPR

AIIM

MARCH 26, 2018

You might also be interested in: Three Critical Steps for GDPR Compliance. Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. GDPR and Cross Border Data Flows between the EU and the US: Current State of the Law. GDPR Compliance Starts with Data Discovery.

GDPR

GDPR Data Privacy Privacy Compliance

Privacy and Cybersecurity Top 10 for 2018

Data Matters

JANUARY 2, 2018

As we begin this New Year, here is list of the top 10 privacy and cybersecurity issues for 2018: EU GDPR. The May 25, 2018 effective date for the EU’s General Data Protection Regulation (GDPR) will no doubt be a central focus of 2018. And Singapore is considering introducing major cybersecurity legislation in 2018.

Cybersecurity

Cybersecurity Privacy Data breaches GDPR

What is data governance in healthcare?

Collibra

DECEMBER 16, 2020

Likewise, healthcare organizations operate in a highly regulated industry, which often has standards or regulations around data privacy and data security. Risk mitigation – data privacy compliance, personal information (PI) data discovery, policy enforcement, vendor risk management.

Government

Government Data Privacy Privacy Communications

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

IT Governance

APRIL 22, 2024

Cloud, FL Source (Update) Public USA Yes 719,597 Regulator Marine Inc Source (New) Manufacturing USA Yes 630 GB Risas Dental and Braces Source 1 ; source 2 (New) Healthcare USA Yes 618,189 HUB International Source (New) Insurance USA Yes 514,477 Lee University Source 1 ; source 2 (New) Education USA Yes 387.49

Data Privacy

Data Privacy Privacy Manufacturing Security

Data privacy examples

Security Compliance & Data Privacy Regulations

Webinars

Trending Sources

Two Years on from GDPR: Has It Driven Growth in Cybersecurity Insurance?

Webinars

Why Cyber Insurance is Essential in 2022

Cross-Border Data Privacy and Security Concerns in the Dawn of Quantum Computing

The Week in Cyber Security and Data Privacy: 1 – 7 January 2024

Mastering healthcare data governance with data lineage

ROUNDTABLE: Huge Capital One breach shows too little is being done to preserve data privacy

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

Over-Retention of Personal Data

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

GUEST ESSAY: A guide to implementing best security practices — before the inevitable breach

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

Wake up to the reality of the GDPR: What you need to know about compliance

CIPL and AvePoint Release Global GDPR Readiness Report

Using Information Governance with a Privacy Compliance Plan as the Fulcrum for Data Privacy and Continuous Compliance

India: New Digital Personal Data Protection Act, Start Planning Now.

In Today’s Privacy Environment, That’s the Way the (Website) Cookie Crumbles: Data Privacy Trends

Staying Ahead of the Curve: 6 Top Legal Tech Trends to Watch in 2023

2018 Global Data Regulations & Compliance Heat Up – Are you Ready?

6,009,014 MovieBoxPro Accounts Breached in Another Data Scraping Incident

61% of organisations reported a data breach in 2019

GDPR is upon us: are you ready for what comes next?

Data Protection in Financial Services Week 2022

Connecticut Strengthens Data Breach Notification Requirements and the Uniform Law Commission Approves and Recommends Comprehensive and Uniform State Privacy Legislation

eDiscovery and the GDPR: Ready or Not, Here it Comes: eDiscovery Best Practices

Automated Security and Compliance Attracts Venture Investors

Biden Cybersecurity Strategy: Big Ambitions, Big Obstacles

U.S. states pass data protection laws on the heels of the GDPR

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Protecting Sensitive Data with Luna Key Broker for Microsoft Double Key Encryption

FRANCE: THE CNIL PUBLISHES ITS DATA PRIVACY IMPACT ASSESSMENT (DPIA) GUIDELINES AND A LIST OF PROCESSING OPERATIONS SUBJECT TO A DPIA

Spotlight Podcast: Rethinking Your Third Party Cyber Risk Strategy

Data Innovator Spotlight - Interview with Charles Joseph, DataZed

Predictive data quality + adaptive data governance = robust compliance by design

Data security: Why a proactive stance is best

What is Confidential Computing? Definition, Benefits, & Uses

UK: The rise of privacy group action risk

The Hacker Mind Podcast: The Internet As A Pen Test

Automating Security Risk Assessments for Better Protection

Guest Post - Data Privacy and Open Data: Secondary Uses under GDPR

Privacy and Cybersecurity Top 10 for 2018

What is data governance in healthcare?

The Week in Cyber Security and Data Privacy: 15 – 21 April 2024

Stay Connected