Krebs on Security

JUNE 4, 2019

said today personal and financial data on some 7.7 That third party — the American Medical Collection Agency (AMCA) — also recently notified competing firm Quest Diagnostics that an intrusion in its payments Web site exposed personal, financial and medical data on nearly 12 million Quest patients. million patients.

Insurance 252

Insurance Data Privacy Access Security 252

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. It is also used to make data more easily understood and secure.

Government 105

Government Data breaches Metadata GDPR 105

IT Governance

MAY 29, 2018

Remember when I said last month that “with the GDPR less than a month away I imagine future lists will be even longer thanks to the introduction of mandatory data breach notifications”? Data breach. Privacy Commissioner says Avenue Living privacy breach poses a risk. Insurance startup leaks sensitive customer health data.

Data breaches 89

Data breaches GDPR Ransomware Passwords 89

Data Matters

FEBRUARY 7, 2018

Companies that are subject to New York’s Cybersecurity Regulation are moving quickly to finalize their compliance obligations under the Cybersecurity Regulation, as the second “due date” quickly approaches – February 15, 2018. They also became obligated to report cybersecurity events to the NYDFS. .

Compliance 60

Compliance Cybersecurity Information Security Privacy 60

Adam Levin

MARCH 19, 2019

A health company’s unprotected server exposed over six million health records in the last 12 months. Meditlab, an electronic medical record company, left a server for electronic faxes completely unprotected since bringing it online in March 2018. million Dow Jones & Co. clients , the Brazilian government and many others.

Insurance 77

Insurance Government Cybersecurity Access 77

Data Matters

JUNE 29, 2018

On June 28, 2018, California Gov. Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This new legislation may well have an outsize influence on privacy laws nationwide. California was the first state to adopt an express right of privacy in its state constitution.

GDPR 79

GDPR Privacy Sales Data breaches 79

IT Governance

JUNE 27, 2019

After a rampant start to the year for data breaches and cyber attacks, it’s about time we went one month without at least one massive security incident. June 2019’s total of 39,713,046 breached records is the lowest since May last year – the month that the GDPR (General Data Protection Regulation) came into effect. Data breaches.

Data breaches 111

Data breaches Personal data Ransomware GDPR 111

IT Governance

JANUARY 29, 2019

Although there will be some debate about the usefulness of including the 772,904,991 records from the Collection #1 breach – which comprises data stolen from a number of historic data breaches – even without them, the number of breached records still stands at just under 1 billion records for January 2019. Data breach.

Data breaches 111

Data breaches Ransomware Phishing Privacy 111

eSecurity Planet

JANUARY 11, 2022

Investors, business clients, and more continue to look for secure application access for remote workers , provide real-time visibility into cyberattacks, and protect data as it travels from the cloud to edge networks and end-users and back. Startup Est Headquarters Staff Funding Funding Type Abnormal Security 2018 San Francisco, CA 261 $74.0

Cybersecurity 142

Cybersecurity Cloud Compliance Analytics 142

Data Matters

JUNE 29, 2018

On June 28, 2018, California Gov. Jerry Brown signed into law the California Consumer Privacy Act of 2018 (AB 375). This new legislation may well have an outsize influence on privacy laws nationwide. California was the first state to adopt an express right of privacy in its state constitution.

GDPR 60

GDPR Privacy Sales Data breaches 60

ARMA International

FEBRUARY 21, 2020

Once connected, data can be exchanged, and the body and device can be remotely monitored and controlled.” On the downside, because of their almost constant presence, the devices can facilitate an all-encompassing capture of personal information, intended and unintended, which, for example, can run afoul of workplace privacy laws.

Computer and Electronics 105

Computer and Electronics Privacy Artificial Intelligence IoT 105

Data Matters

JUNE 26, 2018

On June 25, 2018, California Secretary of State Alex Padilla announced that a potentially significant privacy initiative is eligible for the Nov. If passed, the ballot initiative — the California Consumer Privacy Act (CCPA) — would immediately make sweeping changes to California’s privacy laws. biometric data.

Privacy 60

Privacy GDPR Sales Data breaches 60

Data Matters

DECEMBER 27, 2017

12 presentation to a Hong Kong legislative committee, CAD announced that it is considering forming a UAS registration system for all drones 250 grams and up (whether for commercial use or not) and potentially requiring training, licensing and insurance for certain risk categories and uses of drones.

Insurance 74

Insurance Privacy Risk IT 74

IT Governance

OCTOBER 31, 2019

In a month where security experts across Europe were boosting awareness of cyber security , organisations had mixed results in their own data protection practices. On the one hand, the 421,103,896 data records that were confirmed to have been breached in October represents about 50% of the monthly average. Data breaches.

Data breaches 92

Data breaches Ransomware Phishing Retail 92

Data Protection Report

AUGUST 29, 2017

Earlier this month, Delaware revamped its data breach notification law, with changes to go into effect April 14, 2018. Most notably, the new law requires any entity that has suffered a data breach that includes social security numbers to provide free credit monitoring services to affected residents for one year.

Data breaches 40

Data breaches Insurance Encryption Passwords 40

Privacy and Cybersecurity Law

NOVEMBER 8, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. Accordingly, the CCPA was passed unanimously on June 28, 2018 by the California legislature and signed by the governor the same day.

Privacy 58

Privacy Sales Compliance Cybersecurity 58

Data Matters

MAY 9, 2019

The National Association of Insurance Commissioners (NAIC) held its Spring 2019 National Meeting (Spring Meeting) in Orlando, Florida, from April 6 to 9, 2019. The vote to adopt the prior versions of the proposed amendments to the CFR Model Laws was delayed in December 2018 after the U.S.

Insurance 68

Insurance Blockchain Big data Risk 68

erwin

NOVEMBER 14, 2019

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. It is also used to make data more easily understood and secure.

Government 40

Government Data breaches Metadata GDPR 40

Privacy and Cybersecurity Law

NOVEMBER 9, 2018

Consumer privacy rights in California are well established. The California Constitution expressly grants California citizens a right to privacy. Accordingly, the CCPA was passed unanimously on June 28, 2018 by the California legislature and signed by the governor the same day.

Privacy 58

Privacy Sales Education Compliance 58

DLA Piper Privacy Matters

NOVEMBER 6, 2018

In the run up to the implementation of the EU General Data Protection Regulation 2016/679, there were various dystopian predictions of huge fines and the rise of US style class action. He also sent copies of the data to three UK newspapers anonymously, one of which notified Morrisons of the issue. Morrisons #2 Court of Appeal.

Insurance 45

Insurance Data breaches Personal data GDPR 45

Data Protection Report

JULY 8, 2019

Following the now famous €50m fine imposed on Google LLC in January 2019, [1] the French Data Protection Authority (the CNIL ) published a decision taken on 28 May 2019 [2] imposing a fine of €400,000 on SERGIC, a company specialised in real estate development, purchase, sale, rental and property management.

GDPR 40

GDPR Personal data Compliance Security 40

DLA Piper Privacy Matters

APRIL 1, 2020

Today the Supreme Court allowed an appeal in Morrisons v Various Claimants1, a significant judgment addressing the extent of an employers’ liability for data breaches maliciously committed by an employee. The Data Protection Act 1998 does not exclude the imposition of vicarious liability for statutory or common law wrongs. Background.

Data breaches 59

Data breaches GDPR Personal data Information governance 59

Data Matters

DECEMBER 14, 2018

On December 14, 2018, the U.S. The RFI seeks public input on a broad range of potential reforms to Health Insurance Portability and Accountability Act (HIPAA) regulations with a focus on enhancing care coordination. Comments are due by February 12, 2019. health care system.

Privacy 68

Privacy Insurance Access IT 68

Data Matters

AUGUST 19, 2020

On July 21, 2020, the New York State Department of Financial Services (NYDFS or the Department) issued a statement of charges and notice of hearing (the Statement) against First American Title Insurance Company (First American) for violations of the Department’s Cybersecurity Requirements for Financial Services Companies, 23 N.Y.C.R.R.

Financial Services 68

Financial Services Cybersecurity Insurance Risk 68

eSecurity Planet

APRIL 26, 2022

Investments in cybersecurity more than doubled from $12 billion to $29.5 billion in 2021, and growing concerns over data security , software supply chains , and ransomware suggest the market will remain strong through economic ups and downs. How to Land a Round of Funding Securing Data and Infrastructure is Hot. BVP Investments.

Cybersecurity 126

Cybersecurity Cloud Marketing Security 126

CGI

DECEMBER 19, 2017

Tue, 12/19/2017 - 14:18. As a technology company my employer regularly tests my reaction to these risks; but as we move into a riskier world, that will require more exposure of our failings to the general public and regulators, let’s makes 2018 the year where regulatory impetus shapes a different type of behaviour amongst us all.

GDPR 40

GDPR Insurance Risk Privacy 40

Data Protector

OCTOBER 11, 2017

What follows below is an edited version of the debate in the House of Lords of the Second Reading of the Data Protection Bill, held on 10 October. Data is not just a resource for better marketing, better service and delivery. Data is used to build products themselves. It has become a cliché that data is the new oil.

GDPR 120

GDPR Personal data Government IT 120

Data Matters

FEBRUARY 10, 2022

For example, SEC guidance from 2018 emphasizes that there is a range of factors that may affect whether an incident should be disclosed to investors beyond the bottom-line financial costs to respond to the incident. Public Companies and Service Providers. Public companies currently must disclose material cybersecurity incidents.

Cybersecurity 88

Cybersecurity Marketing Risk Compliance 88

DLA Piper Privacy Matters

FEBRUARY 12, 2018

Following in the footsteps of Governments across international borders, the results of the long-awaited and much discussed Review into Open Banking in Australia were released late on Friday, 9 February, 2018. ACCC will be supported by other regulators, most notably OAIC on customer privacy and security protection.

Privacy 40

Privacy Government Access Insurance 40

Hunton Privacy

DECEMBER 1, 2020

On November 26, 2020, the French Data Protection Authority (the “CNIL”) announced that it imposed a fine of €2.25 million on Carrefour France and a fine of €800,000 on Carrefour Banque for various violations of the EU General Data Protection Regulation (“GDPR”) and Article 82 of the French Data Protection Act governing the use of cookies.

GDPR 91

GDPR Personal data Data collection Marketing 91

HL Chronicle of Data Protection

MAY 29, 2019

Following the one-year anniversary of the coming into effect of the GDPR, Hogan Lovells’ Privacy and Cybersecurity practice has prepared summaries of key GDPR-related developments of the past 12 months. The summaries cover regulatory guidance, enforcement actions, court proceedings, and various reports and materials.

GDPR 40

GDPR Personal data Privacy Information architecture 40

Hunton Privacy

DECEMBER 15, 2017

On December 12, 2017, the Federal Trade Commission hosted a workshop on informational injury in Washington, D.C. Later in the afternoon, the discussion turned to business and consumer perspectives on the benefits, costs and risks of collecting and sharing data.

Privacy 42

Privacy Retail Risk Insurance 42

Data Matters

OCTOBER 22, 2019

In the summer of 2018, the California Legislature drafted and passed the California Consumer Privacy Act (CCPA) in record time. Businesses, consumer advocates, and privacy watchers thus have been eagerly waiting for over a year for the Attorney General to propose the regulations the CCPA requires him to promulgate.

Privacy 60

Privacy Sales Paper Compliance 60

Data Matters

OCTOBER 23, 2019

In the summer of 2018, the California Legislature drafted and passed the California Consumer Privacy Act (CCPA) in record time. Businesses, consumer advocates, and privacy watchers have thus been eagerly waiting for over a year for the Attorney General to propose the regulations the CCPA requires him to promulgate.

Sales 60

Sales Privacy Passwords Compliance 60

Data Matters

APRIL 23, 2018

* This article first appeared in In-House Defense Quarterly on April 3, 2018. Additionally, the quantity of issues that can arise throughout the data lifecycle would require a longer investigation than the scope of this paper will cover. Creating an enterprise-wide governance structure.

Cybersecurity 60

Cybersecurity Risk Passwords Authentication 60

Data Matters

SEPTEMBER 18, 2019

These regulatory technical standards were passed into EU law as Commission Delegated Regulation (EU) 2018/389 (the RTS), which entered into effect on September 14, 2019. Examples of MITs given by the EBA include utilities bill payments, TV and mobile phone subscriptions, digital services subscriptions and insurance premium payments.

Authentication 102

Authentication e-Delivery Risk Sales 102