Definition, Financial Services and Government - Information Management Today

NYDFS Amends Cybersecurity Rules for Financial Services Companies

Hunton Privacy

NOVEMBER 23, 2022

On November 9, 2022, the New York Department of Financial Services (NYDFS) released its second, proposed amendments to the Part 500 Cybersecurity Rule. Revised Definition of Class A Companies. Cybersecurity Governance.

Financial Services

Financial Services Cybersecurity Ransomware Compliance

AI Governance: Why our tested framework is essential in an AI world

Collibra

AUGUST 14, 2023

As we speed into a new AI era, there’s a critical element that’s often missing when organizations rush forward in hyper-competitive markets to build scalable, trusted AI programs — and that’s AI governance. An AI governance framework offers a blueprint for how to create successful AI products.

Government

Government Risk Financial Services Compliance

Top 6 Best Practices for Data Governance

Collibra

MARCH 11, 2021

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. Focus on the operating model.

Government

Government Communications Insurance Customer Experience

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

6 best practices for a data governance strategy

Collibra

APRIL 11, 2022

Data governance is a very intricate field, so implementing and sustaining data governance comes with a suite of challenges. Luckily, thousands, if not millions, of organizations use data governance to improve their operations, so you can learn from others’ mistakes and successes. What are data governance best practices?

Government

Government Communications Insurance Customer Experience

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

Hunton Privacy

JULY 5, 2023

On June 28, 2023, the New York Department of Financial Services (“NYDFS”) published an updated proposed Second Amendment (“Amendment”) to its Cybersecurity Regulation, 23 NYCRR Part 500. As described below, senior governing bodies would have new oversight responsibilities under the amendments.

Cybersecurity

Cybersecurity IT Compliance Financial Services

NYDFS finalizes cybersecurity rule amendments

Data Protection Report

NOVEMBER 2, 2023

On November 1, 2023, the New York Department of Financial Services (NYDFS) finalized the second amendment to its cybersecurity regulations, which are available here. The two definitions from Section 500.1 a)), this new term applies. NYDFS stated: The Department has revised the language of § 500.17(a)

Cybersecurity

Cybersecurity Compliance Financial Services Government

#ModernDataMasters: Nicola Askham, The Data Governance Coach

Reltio

SEPTEMBER 24, 2019

Nicola Askham is the leading data governance training provider in the UK with over 16 years of experience and research in the field. She delivers training and consulting to major organisations to help them implement full data governance frameworks. ” However, I got into data governance totally by accident.

Government

Government Digital transformation Big data IT

Scary Fraud Ensues When ID Theft & Usury Collide

Krebs on Security

JANUARY 25, 2022

MSF said the personal information involved in this incident may have included name, date of birth, government-issued identification numbers (e.g., 14, 2022 breach notification letter from tribal lender Mountain Summit Financial. .” According to Buckley LLP , a financial services law firm based in Washington, D.C.,

Financial Services

Financial Services IT Data breaches Authentication

Integrating Long-Term Digital Preservation into Your Information Governance Program: First Steps

Preservica

NOVEMBER 6, 2017

The 2016 IGI Benchmark Report on The Governance of Long-term Digital Information confirmed that nearly all organizations represented have digital records and information that keep or need to keep in excess of 10 years. Download the Information Governance Initiative (IGI) benchmark report and the 2017 benchmark highlights.

Digital preservation

Digital preservation Information governance Government Archiving

Security Compliance & Data Privacy Regulations

eSecurity Planet

AUGUST 9, 2022

See the Top Governance, Risk and Compliance (GRC) Tools. Other industry standards too can have the force of “pseudo-law” – notably, the NIST Cybersecurity Framework, which federal regulators often apply to financial-services firms and government contractors. PIPL Raises the Bar – And the Stakes. In the U.S.,

Data Privacy

Data Privacy Compliance Privacy Security

erwin’s Predictions for 2021: Data Relevance Shines at the End of the Tunnel

erwin

JANUARY 7, 2021

In highly regulated environments, such as financial services, healthcare and pharma, attestations, audit trails and compliance reporting are required regardless of circumstances and will be difficult with a manual, laborious approach. However, that definition is too narrow in terms of AI’s relation to data governance.

Metadata

Metadata Artificial Intelligence Compliance Government

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

The Last Watchdog

APRIL 3, 2019

Identity governance and administration, or IGA , has suddenly become a front-burner matter at many enterprises. Related: Identity governance issues in the age of digital transformation. I had the chance at RSA 2019 to visit with Mike Kiser, global strategist at SailPoint , an Austin, TX-based supplier of IGA services to discuss this.

Digital transformation

Digital transformation Insurance Compliance Healthcare

Enterprise Architect: A Role That Keeps Evolving

erwin

MAY 2, 2019

Enterprise architect is a common job title within IT organizations at large companies, but the term lacks any standard definition. That’s one of the reasons the enterprise architect role has no standard definition. What the enterprise architects at your organization do depends in large part on how the IT department is organized.

Digital transformation

Digital transformation Healthcare Compliance Cloud

The Impact of Data Protection Laws on Your Records Retention Schedule

ARMA International

APRIL 18, 2022

The purpose of this article is to remove the fear and intimidation of domestic and global data protection laws and show how these laws and requirements are consistent with the existing objectives of your records retention schedule and information governance policy. Definition and Purpose of a Records Retention Schedule.

Personal data

Personal data GDPR Privacy Records Management

NYDFS issues significant guidance on insurers using AI or external data

Data Protection Report

FEBRUARY 2, 2024

On January 17, 2024 the New York Department of Financial Services (“NYDFS”) published a Proposed Insurance Circular Letter (“Proposed Circular”) regarding the use of artificial intelligence systems (“AIS”) and external consumer data and information sources (“ECDIS”) in insurance underwriting and pricing.

Insurance

Insurance Artificial Intelligence Risk Compliance

Takeaways From CCPA Public Forums

Data Matters

FEBRUARY 12, 2019

The forums won’t likely provide definitive answers, they will likely provide some of the best information available. Definition of Unique Identifiers. Updating as needed the definition of unique identifiers. Adjusting the monetary threshold governing what businesses are covered by the Act. What are the next steps?

Sales

Sales Privacy Data Privacy Compliance

The Hybrid Cloud Forecast: Part 2

IBM Big Data Hub

JUNE 26, 2023

One of the few pre-scripted questions I ask in most of the episodes is about the guest’s definition of “hybrid cloud.” It isn’t a surprise that so many of the guests on my podcast work on topics and technologies directly related to cloud. ” The answers have all been comparable.

Cloud

Cloud Financial Services IT Government

GDPR automated decision-making and profiling: what are the requirements?

IT Governance

NOVEMBER 9, 2018

In brief: Profiling now has a distinct definition. Profiling is most often used for marketing purposes, but it is also used in other areas, such as healthcare, financial services and education, where large volumes of data need to be analysed in order to make quicker and more consistent decisions. Help complying with the GDPR.

GDPR

GDPR Personal data Financial Services Compliance

FCC Seeks to Refresh the TCPA Record

HL Chronicle of Data Protection

MAY 21, 2018

Circuit struck down the FCC’s 2015 interpretation of the definition of “automatic telephone dialing system” (autodialer) as overly broad, arbitrarily vague, and “utterly unreasonable.” Should contractors acting on behalf of the federal government be considered “persons” under the TCPA? In March, the D.C.

Communications

Communications Financial Services Privacy Government

CCAR MRAs: 6 abilities you need

Collibra

NOVEMBER 3, 2020

For banks to ensure preparation for CCAR MRA and sustainable regulatory compliance, they need to shift their thinking to focus on data governance, which requires a different set of capabilities. CCAR MRAs and governance capabilities . 6 must haves for your governance platform. Questions for your vendor.

Metadata

Metadata Government Compliance Financial Services

California Consumer Privacy Act: The Challenge Ahead – The Interplay Between the CCPA and Financial Institutions

HL Chronicle of Data Protection

DECEMBER 7, 2018

This blog post provides background on the scope of the exemption and an overview of key considerations for financial institutions developing CCPA compliance programs. The financial services industry is one of the most heavily regulated industries when it comes to protecting the privacy of personal information. Background.

Privacy

Privacy Financial Services Compliance Data breaches

Understanding China’s Data Regulatory Regime: What Are Important Data? And Can They Be Transferred Outside Of China?

Data Matters

APRIL 11, 2022

The CSL does not provide a definition for “important data”. Once finalized, it will be enacted by the State Council (China’s central government) as an “administrative regulation”, which is subordinate to the national laws (e.g., Then, what are “important data”? The CSL and the DSL.

Military

Military Artificial Intelligence Security Financial Services

New York Enacts Stricter Data Cybersecurity Laws

Data Matters

AUGUST 5, 2019

The law broadens the definition of “private information” which sets forth the information elements that, if breached, could trigger a notification obligation. The Stop Hacks and Improve Electronic Data Security Act.

Cybersecurity

Cybersecurity Data breaches Privacy Risk

Cloud, Intelligent Content Services, and Digital Fragility: What’s on the RIM Horizon for 2020

ARMA International

DECEMBER 26, 2019

Government topped the list of vertical industries at 23%. in 2017), with the remainder reporting into senior administrative roles, compliance, corporate services, or finance teams. in 2017), with the remainder reporting into senior administrative roles, compliance, corporate services, or finance teams.

Content services

Content services Cloud Records Management Privacy

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The New York State Department for Financial Services regulations require covered entities to have appropriate record retention policies and procedures and the CCPA provides an extra incentive to implement proper information governance to minimise the costs data access requests. In the U.S., Conquer the world!

Privacy

Privacy GDPR Data breaches Risk

White House Releases Cybersecurity Legislative Proposal

Hunton Privacy

MAY 13, 2011

The provisions are aimed at standardizing the requirements for reporting security breaches by, among other things, establishing statutory definitions of a “security breach” and “sensitive personally identifiable information.”. The heaviest impacts are likely to be felt by the financial services, energy and IT/communication sectors.

Cybersecurity

Cybersecurity Data breaches Information Security Financial Services

CIPL Publishes Discussion Paper on Digital Assets and Privacy

Hunton Privacy

JANUARY 20, 2023

As financial services authorities move to regulate digital assets in jurisdictions worldwide, the paper highlights the need to bring privacy regulators into the discussion so that data privacy issues affecting blockchain are addressed in tandem. Confidentiality and government access. Accountability. Individual rights.

Paper

Paper Blockchain Privacy Financial Services

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

DLA Piper Privacy Matters

AUGUST 23, 2021

We have summarised the key compliance obligations under the PIPL below, with new obligations in bold for ease of reference: Relevant Laws/Regulations The PIPL becomes the primary, national-level law governing processing of personal information, but does not replace the existing data privacy framework.

Data Privacy

Data Privacy Privacy Compliance Analytics

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

Data Protection Report

MARCH 7, 2024

The proposed definition of “listed identifier” is Full or truncated government identification or account number (such as a Social Security Number, driver’s license or state identification number, passport number, or Alien Registration Number) [Note that this definition apparently includes truncated Social Security Numbers.]

Access

Access Military Compliance Personal data

US: Surviving the service provider data breach

DLA Piper Privacy Matters

JULY 30, 2019

Some states – such as Alabama, Massachusetts and New York (for financial services companies) – prescribe particular requirements of a “reasonable” cybersecurity program. At least nine states expressly extend these requirements to service providers.

Data breaches

Data breaches Cybersecurity Financial Services Risk

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

The New York State Department for Financial Services regulations require covered entities to have appropriate record retention policies and procedures and the CCPA provides an extra incentive to implement proper information governance to minimise the costs data access requests. In the U.S., Conquer the world!

Privacy

Privacy GDPR Data breaches Risk

#ModernDataMasters: Mike Evans, Chief Technology Officer

Reltio

MARCH 19, 2019

It will be possible to put more emphasis on the people, process and data governance which really make MDM live and breathe.”. We teach that problem solving is at the core of MDM, and how important data governance principles are regardless of the configuration of the underpinning technology.”. Prioritise people, process and governance.

MDM

MDM Retail IT Government

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

HL Chronicle of Data Protection

NOVEMBER 15, 2018

The draft text of the EU-UK withdrawal agreement was published by the UK Government and the European Union yesterday, providing some of the first concrete indicators of the possible direction of travel in the area of data protection. Definition of Union law. EU’s commitment to an adequacy assessment. Alternative scenarios.

GDPR

GDPR Personal data Government Financial Services

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

HL Chronicle of Data Protection

MARCH 14, 2019

The proposed Rule would allow the CISO to be an employee of a service provider or affiliate, although in that case the FI would be required to designate a senior member of its personnel to direct and oversee the CISO. Board reporting. Periodic risk assessments.

Privacy

Privacy Risk Cybersecurity Information Security

CISA issues proposed rules for cyber incident reporting in critical infrastructure

Data Protection Report

APRIL 9, 2024

For example, government contractors or subcontractors with reporting obligations to the DOD or DOE for cyber incidents, or financial services entities that are already required to report cyber incidents to their primary federal regulator would be considered “covered entities” under the CIRCIA.

Ransomware

Ransomware Agriculture Cybersecurity Government

erwin, Microsoft and the Power of the Common Data Model

erwin

DECEMBER 17, 2020

The same is true for data, with a number of vendors creating data models by vertical industry (financial services, healthcare, etc.) The CDM provides a best-practices approach to defining data to accelerate data literacy, automation, integration and governance across the enterprise. The CDM takes this concept to the next level.

Metadata

Metadata Analytics Government Financial Services

Singapore Parliament Passes Personal Data Protection Act

Hunton Privacy

OCTOBER 17, 2012

The new law will apply only to data processing in the private sector as data processing by public agencies (or organizations acting on behalf of public agencies) are already subject to internal government rules. Reportedly, the bill will become law in January 2013, enforceable after 18 months, in mid-2014.

Personal data

Personal data Financial Services Data Privacy Data breaches

Regulatory Update: NAIC Summer 2018 National Meeting

Data Matters

AUGUST 24, 2018

Department of Labor’s regulations expanding the definition of the term “fiduciary” (Fiduciary Rule), the Annuity Suitability (A) Working Group (ASWG) is proceeding with developing proposed amendments to the NAIC’s Suitability in Annuity Transactions Model Regulation (SAT).

Insurance

Insurance Big data e-Delivery Risk

#ModernDataMasters: Henrik Liliendahl, Chairman & CTO, Product Data Lake

Reltio

JUNE 20, 2019

But that was my route into data management and going from there into MDM PIM and data governance. Yes you have customers but does your definition of customer make sense in the real world? To find that out we applied some matching techniques.”. I developed that product and later merged it into a larger company. Eg a customer table.

MDM

MDM Manufacturing Computer and Electronics Digital transformation

Congress Passes Cyber Incident Reporting for Critical Infrastructure Act of 2022

Data Matters

MARCH 21, 2022

The reporting requirements will cover multiple sectors of the economy, including chemical industry entities, commercial facilities, communications sector entities, critical manufacturing, dams, financial services entities, food and agriculture sector entities, healthcare entities, information technology, energy, and transportation.

Ransomware

Ransomware Cybersecurity Agriculture Communications

Four Use Cases Proving the Benefits of Metadata-Driven Automation

erwin

FEBRUARY 7, 2019

As such, traditional – and mostly manual – processes associated with data management and data governance have broken down. The banking, financial services and insurance industry typically deals with higher data velocity and tighter regulations than most. The volume and variety of data has snowballed, and so has its velocity.

Metadata

Metadata Healthcare Insurance Financial Services

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Data Protection Report

DECEMBER 17, 2020

On 25 November 2020, the European Commission ( EC ) published its proposed Data Governance Regulation (the DGR ), which will create a new legal framework to encourage the development of a European single market for data. What are the objectives of the Data Governance Regulation? This is part one of a series of three blog posts.

Government

Government Personal data Marketing Artificial Intelligence

Regulatory Update: NAIC Summer 2019 National Meeting

Data Matters

SEPTEMBER 4, 2019

NAIC Evaluating Definition of “Best Interest” to Determine Whether to Impose Such a Standard in the Suitability in Annuity Transactions Model Regulation. While the VOS Task Force has not provided a specific definition that covers all possible bespoke securities, it has identified certain common characteristics of such securities.

Insurance

Insurance Paper Risk Analytics

NYDFS Amends Cybersecurity Rules for Financial Services Companies

AI Governance: Why our tested framework is essential in an AI world

Webinars

Trending Sources

Top 6 Best Practices for Data Governance

Webinars

Top 7 Data Governance Blog Posts of 2018

6 best practices for a data governance strategy

NYDFS Proposes Updated Second Amendment to Its Cybersecurity Regulation

NYDFS finalizes cybersecurity rule amendments

#ModernDataMasters: Nicola Askham, The Data Governance Coach

Scary Fraud Ensues When ID Theft & Usury Collide

Integrating Long-Term Digital Preservation into Your Information Governance Program: First Steps

Security Compliance & Data Privacy Regulations

erwin’s Predictions for 2021: Data Relevance Shines at the End of the Tunnel

BEST PRACTICES: Rising complexities of provisioning identities has pushed ‘IGA’ to the fore

Enterprise Architect: A Role That Keeps Evolving

The Impact of Data Protection Laws on Your Records Retention Schedule

NYDFS issues significant guidance on insurers using AI or external data

Takeaways From CCPA Public Forums

The Hybrid Cloud Forecast: Part 2

GDPR automated decision-making and profiling: what are the requirements?

FCC Seeks to Refresh the TCPA Record

CCAR MRAs: 6 abilities you need

California Consumer Privacy Act: The Challenge Ahead – The Interplay Between the CCPA and Financial Institutions

Understanding China’s Data Regulatory Regime: What Are Important Data? And Can They Be Transferred Outside Of China?

New York Enacts Stricter Data Cybersecurity Laws

Cloud, Intelligent Content Services, and Digital Fragility: What’s on the RIM Horizon for 2020

The Privacy Officers’ New Year’s Resolutions

White House Releases Cybersecurity Legislative Proposal

CIPL Publishes Discussion Paper on Digital Assets and Privacy

China’s PIPL has finally arrived, and brings helpful clarification (rather than substantial change) to China’s data privacy framework

Executive Order on access to Americans’ bulk sensitive data and Attorney General proposed regulations – Part 2

US: Surviving the service provider data breach

The Privacy Officers’ New Year’s Resolutions

#ModernDataMasters: Mike Evans, Chief Technology Officer

Data Protection and the Draft EU-UK Withdrawal Agreement: Ten Initial Conclusions

FTC Seeks Comment on Proposed Changes to GLBA Implementing Rules

CISA issues proposed rules for cyber incident reporting in critical infrastructure

erwin, Microsoft and the Power of the Common Data Model

Singapore Parliament Passes Personal Data Protection Act

Regulatory Update: NAIC Summer 2018 National Meeting

#ModernDataMasters: Henrik Liliendahl, Chairman & CTO, Product Data Lake

Congress Passes Cyber Incident Reporting for Critical Infrastructure Act of 2022

Four Use Cases Proving the Benefits of Metadata-Driven Automation

EU data governance regulation – a wave of digital, regulatory and antitrust reform begins – Part 1

Regulatory Update: NAIC Summer 2019 National Meeting

Stay Connected